1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1982, 1986, 1989, 1991, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * @(#)kern_proc.c 8.7 (Berkeley) 2/14/95
32 */
33
34 #include <sys/cdefs.h>
35 #include "opt_ddb.h"
36 #include "opt_ktrace.h"
37 #include "opt_kstack_pages.h"
38 #include "opt_stack.h"
39
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/bitstring.h>
43 #include <sys/elf.h>
44 #include <sys/eventhandler.h>
45 #include <sys/exec.h>
46 #include <sys/fcntl.h>
47 #include <sys/jail.h>
48 #include <sys/kernel.h>
49 #include <sys/limits.h>
50 #include <sys/lock.h>
51 #include <sys/loginclass.h>
52 #include <sys/malloc.h>
53 #include <sys/mman.h>
54 #include <sys/mount.h>
55 #include <sys/mutex.h>
56 #include <sys/namei.h>
57 #include <sys/proc.h>
58 #include <sys/ptrace.h>
59 #include <sys/refcount.h>
60 #include <sys/resourcevar.h>
61 #include <sys/rwlock.h>
62 #include <sys/sbuf.h>
63 #include <sys/sysent.h>
64 #include <sys/sched.h>
65 #include <sys/smp.h>
66 #include <sys/stack.h>
67 #include <sys/stat.h>
68 #include <sys/dtrace_bsd.h>
69 #include <sys/sysctl.h>
70 #include <sys/filedesc.h>
71 #include <sys/tty.h>
72 #include <sys/signalvar.h>
73 #include <sys/sdt.h>
74 #include <sys/sx.h>
75 #include <sys/user.h>
76 #include <sys/vnode.h>
77 #include <sys/wait.h>
78 #ifdef KTRACE
79 #include <sys/ktrace.h>
80 #endif
81
82 #ifdef DDB
83 #include <ddb/ddb.h>
84 #endif
85
86 #include <vm/vm.h>
87 #include <vm/vm_param.h>
88 #include <vm/vm_extern.h>
89 #include <vm/pmap.h>
90 #include <vm/vm_map.h>
91 #include <vm/vm_object.h>
92 #include <vm/vm_page.h>
93 #include <vm/uma.h>
94
95 #include <fs/devfs/devfs.h>
96
97 #ifdef COMPAT_FREEBSD32
98 #include <compat/freebsd32/freebsd32.h>
99 #include <compat/freebsd32/freebsd32_util.h>
100 #endif
101
/* DTrace SDT provider under which this file's process probes are defined. */
SDT_PROVIDER_DEFINE(proc);

/* Malloc types for session/proc/subproc allocations; M_PROC is file-private. */
MALLOC_DEFINE(M_SESSION, "session", "session header");
static MALLOC_DEFINE(M_PROC, "proc", "Proc structures");
MALLOC_DEFINE(M_SUBPROC, "subproc", "Proc sub-structures");

/*
 * Forward declarations of file-local helpers.  Most of the definitions
 * below open with lock assertions (proctree_lock, PGRP_LOCK, PROC_LOCK)
 * that state the locking contract each one expects from its callers.
 */
static void doenterpgrp(struct proc *, struct pgrp *);
static void orphanpg(struct pgrp *pg);
static void fill_kinfo_aggregate(struct proc *p, struct kinfo_proc *kp);
static void fill_kinfo_proc_only(struct proc *p, struct kinfo_proc *kp);
static void fill_kinfo_thread(struct thread *td, struct kinfo_proc *kp,
    int preferthread);
static void pgdelete(struct pgrp *);
static int pgrp_init(void *mem, int size, int flags);
static int proc_ctor(void *mem, int size, void *arg, int flags);
static void proc_dtor(void *mem, int size, void *arg);
static int proc_init(void *mem, int size, int flags);
static void proc_fini(void *mem, int size);
static void pargs_free(struct pargs *pa);
121
/*
 * Other process lists
 *
 * pidhashtbl and pgrphashtbl are allocated by hashinit() in procinit();
 * pidhash and pgrphash are the masks it returns.  The pid hash is guarded
 * by pidhashlock + 1 separate sx locks (PIDHASHLOCK(pid) picks one), which
 * is what pidhash_slockall()/pidhash_sunlockall() iterate over.  The four
 * global locks are each given their own cache line.
 */
struct pidhashhead *pidhashtbl = NULL;
struct sx *pidhashtbl_lock;
u_long pidhash;
u_long pidhashlock;
struct pgrphashhead *pgrphashtbl;
u_long pgrphash;
struct proclist allproc = LIST_HEAD_INITIALIZER(allproc);
struct sx __exclusive_cache_line allproc_lock;
struct sx __exclusive_cache_line proctree_lock;
struct mtx __exclusive_cache_line ppeers_lock;
struct mtx __exclusive_cache_line procid_lock;
uma_zone_t proc_zone;
uma_zone_t pgrp_zone;
138
/*
 * The offset of various fields in struct proc and struct thread.
 * These are used by kernel debuggers to enumerate kernel threads and
 * processes.
 *
 * They are exported as named const objects (rather than macros) so that
 * they appear in the kernel symbol table.  Keep the list in sync with any
 * debugger script that relies on these names.
 */
const int proc_off_p_pid = offsetof(struct proc, p_pid);
const int proc_off_p_comm = offsetof(struct proc, p_comm);
const int proc_off_p_list = offsetof(struct proc, p_list);
const int proc_off_p_hash = offsetof(struct proc, p_hash);
const int proc_off_p_threads = offsetof(struct proc, p_threads);
const int thread_off_td_tid = offsetof(struct thread, td_tid);
const int thread_off_td_name = offsetof(struct thread, td_name);
const int thread_off_td_oncpu = offsetof(struct thread, td_oncpu);
const int thread_off_td_pcb = offsetof(struct thread, td_pcb);
const int thread_off_td_plist = offsetof(struct thread, td_plist);
154
/*
 * Event handler lists for the process life cycle.  process_ctor, _dtor
 * and _init are invoked from the UMA callbacks in this file (proc_ctor(),
 * proc_dtor(), proc_init()); process_fini only from the disabled branch
 * of proc_fini().  process_exit, _fork and _exec are defined here for the
 * exit/fork/exec paths elsewhere in the kernel.
 */
EVENTHANDLER_LIST_DEFINE(process_ctor);
EVENTHANDLER_LIST_DEFINE(process_dtor);
EVENTHANDLER_LIST_DEFINE(process_init);
EVENTHANDLER_LIST_DEFINE(process_fini);
EVENTHANDLER_LIST_DEFINE(process_exit);
EVENTHANDLER_LIST_DEFINE(process_fork);
EVENTHANDLER_LIST_DEFINE(process_exec);
162
/* Kernel stack size in pages, from KSTACK_PAGES; exposed read-only. */
int kstack_pages = KSTACK_PAGES;
SYSCTL_INT(_kern, OID_AUTO, kstack_pages, CTLFLAG_RD, &kstack_pages, 0,
    "Kernel stack size in pages");
/*
 * Runtime-writable knob: when non-zero, kern.proc.vmmap does not compute
 * the resident page count (see the sysctl description below).
 */
static int vmmap_skip_res_cnt = 0;
SYSCTL_INT(_kern, OID_AUTO, proc_vmmap_skip_resident_count, CTLFLAG_RW,
    &vmmap_skip_res_cnt, 0,
    "Skip calculation of the pages resident count in kern.proc.vmmap");

/*
 * kinfo_proc (and its 32-bit compat twin) is a userland-visible layout, so
 * pin the size at compile time: a field added without updating the size
 * constant is caught here rather than as a silent ABI break.
 */
CTASSERT(sizeof(struct kinfo_proc) == KINFO_PROC_SIZE);
#ifdef COMPAT_FREEBSD32
CTASSERT(sizeof(struct kinfo_proc32) == KINFO_PROC32_SIZE);
#endif
175
/*
 * Initialize global process hashing structures.
 *
 * Sets up the allproc/proctree sx locks and the ppeers/procid mutexes,
 * allocates the pid and pgrp hash tables, creates the array of sx locks
 * that guards the pid hash ((pidhash + 1) / 64 of them, but never fewer
 * than one; PIDHASHLOCK() maps a pid onto one of them), and creates the
 * UMA zones for struct proc and struct pgrp.  Both zones are
 * UMA_ZONE_NOFREE: proc and pgrp memory is type-stable and proc_fini()
 * panics if UMA ever tries to reclaim it.
 */
void
procinit(void)
{
	u_long nlocks, idx;

	sx_init(&allproc_lock, "allproc");
	sx_init(&proctree_lock, "proctree");
	mtx_init(&ppeers_lock, "p_peers", NULL, MTX_DEF);
	mtx_init(&procid_lock, "procid", NULL, MTX_DEF);

	pidhashtbl = hashinit(maxproc / 4, M_PROC, &pidhash);
	/* pidhashlock holds the highest lock index, not the count. */
	nlocks = (pidhash + 1) / 64;
	pidhashlock = (nlocks > 0) ? nlocks - 1 : 0;
	nlocks = pidhashlock + 1;
	pidhashtbl_lock = malloc(sizeof(*pidhashtbl_lock) * nlocks,
	    M_PROC, M_WAITOK | M_ZERO);
	for (idx = 0; idx < nlocks; idx++)
		sx_init_flags(&pidhashtbl_lock[idx], "pidhash", SX_DUPOK);

	pgrphashtbl = hashinit(maxproc / 4, M_PROC, &pgrphash);

	proc_zone = uma_zcreate("PROC", sched_sizeof_proc(),
	    proc_ctor, proc_dtor, proc_init, proc_fini,
	    UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
	pgrp_zone = uma_zcreate("PGRP", sizeof(struct pgrp), NULL, NULL,
	    pgrp_init, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
	uihashinit();
}
204
/*
 * Prepare a proc for use.
 *
 * UMA constructor for proc_zone.  Runs the kdtrace hook when built with
 * KDTRACE_HOOKS and the process_ctor event handlers, then, if the proc
 * already carries a first thread, the thread_ctor handlers for it.
 * Always returns 0.
 */
static int
proc_ctor(void *mem, int size, void *arg, int flags)
{
	struct proc *newp = mem;
	struct thread *first;

#ifdef KDTRACE_HOOKS
	kdtrace_proc_ctor(newp);
#endif
	EVENTHANDLER_DIRECT_INVOKE(process_ctor, newp);

	first = FIRST_THREAD_IN_PROC(newp);
	if (first == NULL)
		return (0);
	/* Make sure all thread constructors are executed. */
	EVENTHANDLER_DIRECT_INVOKE(thread_ctor, first);
	return (0);
}
226
/*
 * Reclaim a proc after use.
 *
 * UMA destructor for proc_zone.  If the proc still has a first thread, the
 * thread's OSD and softdep state are released and the thread_dtor handlers
 * run; then the process_dtor handlers and the kdtrace hook run for the
 * proc.  Under INVARIANTS it also checks that exactly one thread remains
 * and that the p_ktr queue is empty.
 */
static void
proc_dtor(void *mem, int size, void *arg)
{
	struct proc *p;
	struct thread *td;

	/* INVARIANTS checks go here */
	p = (struct proc *)mem;
	td = FIRST_THREAD_IN_PROC(p);
	if (td != NULL) {
#ifdef INVARIANTS
		KASSERT((p->p_numthreads == 1),
		    ("bad number of threads in exiting process"));
		KASSERT(STAILQ_EMPTY(&p->p_ktr), ("proc_dtor: non-empty p_ktr"));
#endif
		/* Free all OSD associated to this thread. */
		osd_thread_exit(td);
		td_softdep_cleanup(td);
		/* td_su is expected to be NULL once softdep cleanup has run. */
		MPASS(td->td_su == NULL);

		/* Make sure all thread destructors are executed */
		EVENTHANDLER_DIRECT_INVOKE(thread_dtor, td);
	}
	EVENTHANDLER_DIRECT_INVOKE(process_dtor, p);
#ifdef KDTRACE_HOOKS
	kdtrace_proc_dtor(p);
#endif
	/* A SIGCHLD ksiginfo still on a queue would dangle after reuse. */
	if (p->p_ksi != NULL)
		KASSERT(! KSI_ONQ(p->p_ksi), ("SIGCHLD queue"));
}
260
/*
 * Initialize type-stable parts of a proc (when newly created).
 *
 * UMA init routine for proc_zone, run when memory is first handed to the
 * zone (the "newly created" case); reuse goes through proc_ctor() instead.
 * Sets up the process mutex and the spin mutexes, the p_pwait condvar,
 * the thread list, per-process stats and the kqueue-timer stop list, and
 * runs the process_init handlers.  Always returns 0.
 */
static int
proc_init(void *mem, int size, int flags)
{
	struct proc *newp = mem;

	mtx_init(&newp->p_mtx, "process lock", NULL,
	    MTX_DEF | MTX_DUPOK | MTX_NEW);
	mtx_init(&newp->p_slock, "process slock", NULL, MTX_SPIN | MTX_NEW);
	mtx_init(&newp->p_statmtx, "pstatl", NULL, MTX_SPIN | MTX_NEW);
	mtx_init(&newp->p_itimmtx, "pitiml", NULL, MTX_SPIN | MTX_NEW);
	mtx_init(&newp->p_profmtx, "pprofl", NULL, MTX_SPIN | MTX_NEW);
	cv_init(&newp->p_pwait, "ppwait");
	TAILQ_INIT(&newp->p_threads);		/* all threads in proc */
	EVENTHANDLER_DIRECT_INVOKE(process_init, newp);
	newp->p_stats = pstats_alloc();
	newp->p_pgrp = NULL;
	TAILQ_INIT(&newp->p_kqtim_stop);
	return (0);
}
283
/*
 * UMA should ensure that this function is never called.
 * Freeing a proc structure would violate type stability.
 *
 * proc_zone is created with UMA_ZONE_NOFREE in procinit(), so the live
 * build simply panics here.  The disabled branch shows what a real
 * teardown would have to do.
 */
static void
proc_fini(void *mem, int size)
{
#ifndef notnow
	panic("proc reclaimed");
#else
	struct proc *p = (struct proc *)mem;

	EVENTHANDLER_DIRECT_INVOKE(process_fini, p);
	pstats_free(p->p_stats);
	thread_free(FIRST_THREAD_IN_PROC(p));
	mtx_destroy(&p->p_mtx);
	if (p->p_ksi != NULL)
		ksiginfo_free(p->p_ksi);
#endif
}
305
/*
 * UMA init routine for pgrp_zone.
 *
 * Sets up the group mutex (MTX_DUPOK, since doenterpgrp() holds two group
 * locks at once) and the pg_killsx sx lock.  Always returns 0.
 */
static int
pgrp_init(void *mem, int size, int flags)
{
	struct pgrp *grp = (struct pgrp *)mem;

	mtx_init(&grp->pg_mtx, "process group", NULL, MTX_DEF | MTX_DUPOK);
	sx_init(&grp->pg_killsx, "killpg racer");
	return (0);
}
316
/*
 * PID space management.
 *
 * These bitmaps are used by fork_findpid.
 *
 * One PID_MAX-bit map per id space: process ids, process group ids,
 * session ids and reaper ids.  proc_id_array is indexed by the PROC_ID_*
 * constants (PROC_ID_GROUP and PROC_ID_SESSION are used in this file), and
 * all updates go through proc_id_set()/proc_id_set_cond()/proc_id_clear()
 * under procid_lock.
 */
bitstr_t bit_decl(proc_id_pidmap, PID_MAX);
bitstr_t bit_decl(proc_id_grpidmap, PID_MAX);
bitstr_t bit_decl(proc_id_sessidmap, PID_MAX);
bitstr_t bit_decl(proc_id_reapmap, PID_MAX);

static bitstr_t *proc_id_array[] = {
	proc_id_pidmap,
	proc_id_grpidmap,
	proc_id_sessidmap,
	proc_id_reapmap,
};
333
/*
 * Mark id as in use in the bitmap selected by type (a PROC_ID_* index).
 *
 * The bit must currently be clear; setting an already-set bit is an
 * invariant violation.  Takes procid_lock.
 */
void
proc_id_set(int type, pid_t id)
{
	bitstr_t *map;

	KASSERT(type >= 0 && type < nitems(proc_id_array),
	    ("invalid type %d\n", type));
	map = proc_id_array[type];
	mtx_lock(&procid_lock);
	KASSERT(bit_test(map, id) == 0,
	    ("bit %d already set in %d\n", id, type));
	bit_set(map, id);
	mtx_unlock(&procid_lock);
}
346
/*
 * Mark id as in use in the bitmap selected by type, unless it already is.
 *
 * Unlike proc_id_set() this tolerates an already-set bit.  The initial
 * bit_test() is done without procid_lock: if the bit is found set there is
 * nothing to do; otherwise the set itself happens under the lock.
 */
void
proc_id_set_cond(int type, pid_t id)
{
	bitstr_t *map;

	KASSERT(type >= 0 && type < nitems(proc_id_array),
	    ("invalid type %d\n", type));
	map = proc_id_array[type];
	if (bit_test(map, id) != 0)
		return;
	mtx_lock(&procid_lock);
	bit_set(map, id);
	mtx_unlock(&procid_lock);
}
359
/*
 * Release id in the bitmap selected by type (a PROC_ID_* index).
 *
 * The bit must currently be set; clearing a clear bit is an invariant
 * violation.  Takes procid_lock.
 */
void
proc_id_clear(int type, pid_t id)
{
	bitstr_t *map;

	KASSERT(type >= 0 && type < nitems(proc_id_array),
	    ("invalid type %d\n", type));
	map = proc_id_array[type];
	mtx_lock(&procid_lock);
	KASSERT(bit_test(map, id) != 0,
	    ("bit %d not set in %d\n", id, type));
	bit_clear(map, id);
	mtx_unlock(&procid_lock);
}
372
/*
 * Is p an inferior of the current process?
 *
 * Walks the real-parent chain from p upward.  Returns 1 if curproc is
 * reached (p == curproc counts as an inferior of itself), 0 if the walk
 * hits pid 0 first.  Requires proctree_lock (shared or exclusive) and the
 * lock of p.
 */
int
inferior(struct proc *p)
{
	struct proc *walk;

	sx_assert(&proctree_lock, SX_LOCKED);
	PROC_LOCK_ASSERT(p, MA_OWNED);

	walk = p;
	while (walk != curproc) {
		/* Reached the root without passing curproc. */
		if (walk->p_pid == 0)
			return (0);
		walk = proc_realparent(walk);
	}
	return (1);
}
388
/*
 * Shared lock all the pid hash lists.
 *
 * Takes every pidhashtbl_lock[] sx lock in shared mode, in ascending index
 * order.  Pair with pidhash_sunlockall().
 */
void
pidhash_slockall(void)
{
	u_long idx, nlocks;

	nlocks = pidhashlock + 1;
	for (idx = 0; idx < nlocks; idx++)
		sx_slock(&pidhashtbl_lock[idx]);
}
400
/*
 * Shared unlock all the pid hash lists.
 *
 * Releases every pidhashtbl_lock[] sx lock taken by pidhash_slockall(),
 * in the same ascending order.
 */
void
pidhash_sunlockall(void)
{
	u_long idx, nlocks;

	nlocks = pidhashlock + 1;
	for (idx = 0; idx < nlocks; idx++)
		sx_sunlock(&pidhashtbl_lock[idx]);
}
412
/*
 * Similar to pfind_any(), this function finds zombies.
 *
 * Differs from pfind_any() in that the caller must already hold the pid
 * hash lock for pid (shared or exclusive).  Returns the matching process
 * locked, or NULL if there is none or it is still in PRS_NEW.
 */
struct proc *
pfind_any_locked(pid_t pid)
{
	struct proc *cand;

	sx_assert(PIDHASHLOCK(pid), SX_LOCKED);
	LIST_FOREACH(cand, PIDHASH(pid), p_hash) {
		if (cand->p_pid != pid)
			continue;
		PROC_LOCK(cand);
		if (cand->p_state != PRS_NEW)
			return (cand);
		/* Still being set up: not visible to lookups yet. */
		PROC_UNLOCK(cand);
		return (NULL);
	}
	return (NULL);
}
434
/*
 * Locate a process by number.
 *
 * By not returning processes in the PRS_NEW state, we allow callers to avoid
 * testing for that condition to avoid dereferencing p_ucred, et al.
 *
 * Shared implementation of pfind() and pfind_any().  curproc is matched
 * without taking the hash lock.  Otherwise the pid hash chain is searched
 * under its shared lock; PRS_NEW processes are never returned and
 * PRS_ZOMBIE ones only when zombie is true.  The result is returned with
 * its process lock held.
 */
static __always_inline struct proc *
_pfind(pid_t pid, bool zombie)
{
	struct proc *cand;
	bool hidden;

	cand = curproc;
	if (cand->p_pid == pid) {
		PROC_LOCK(cand);
		return (cand);
	}
	sx_slock(PIDHASHLOCK(pid));
	LIST_FOREACH(cand, PIDHASH(pid), p_hash) {
		if (cand->p_pid != pid)
			continue;
		PROC_LOCK(cand);
		hidden = cand->p_state == PRS_NEW ||
		    (cand->p_state == PRS_ZOMBIE && !zombie);
		if (hidden) {
			PROC_UNLOCK(cand);
			cand = NULL;
		}
		break;
	}
	sx_sunlock(PIDHASHLOCK(pid));
	return (cand);
}
466
/*
 * Locate a live (non-zombie, non-PRS_NEW) process by pid.
 * Returns it locked, or NULL.
 */
struct proc *
pfind(pid_t pid)
{
	const bool want_zombies = false;

	return (_pfind(pid, want_zombies));
}
473
/*
 * Same as pfind but allow zombies.
 * Returns the process locked, or NULL (PRS_NEW is still excluded).
 */
struct proc *
pfind_any(pid_t pid)
{
	const bool want_zombies = true;

	return (_pfind(pid, want_zombies));
}
483
/*
 * Locate a process group by number.
 * The caller must hold proctree_lock.
 *
 * Searches the pgrp hash chain for pgid and returns the group with its
 * PGRP_LOCK held, or NULL if no such group exists.
 */
struct pgrp *
pgfind(pid_t pgid)
{
	struct pgrp *grp;

	sx_assert(&proctree_lock, SX_LOCKED);

	LIST_FOREACH(grp, PGRPHASH(pgid), pg_hash) {
		if (grp->pg_id != pgid)
			continue;
		PGRP_LOCK(grp);
		break;
	}
	/* grp is NULL here when the chain was exhausted. */
	return (grp);
}
503
/*
 * Locate process and do additional manipulations, depending on flags.
 *
 * Lookup: pid <= PID_MAX is treated as a process id and resolved with
 * pfind_any() (zombies included) or, when PGET_NOTWEXIT is set, pfind()
 * (zombies excluded).  Larger values are treated as thread ids and
 * resolved through tdfind() unless PGET_NOTID is given.  The current
 * process is matched directly without touching the pid hash.
 *
 * Checks, applied in this order:
 *   PGET_CANSEE    - p_cansee() against curthread; skipped when the target
 *                    is curproc.
 *   PGET_CANDEBUG  - p_candebug() against curthread; applied to curproc too.
 *   PGET_ISCURRENT - EPERM unless the target is curproc.
 *   PGET_NOTWEXIT  - ESRCH if P_WEXIT is set.
 *   PGET_NOTINEXEC - ESRCH if P_INEXEC is set.
 * The state checks come after the permission checks, so a target that
 * fails p_cansee()/p_candebug() is reported with that error rather than
 * as ESRCH.
 *
 * On success *pp is set and 0 is returned with the process locked, or,
 * when PGET_HOLD is set, held (PHOLD) and unlocked.  On failure the
 * process lock is dropped and ESRCH, EPERM or the p_cansee()/p_candebug()
 * error is returned.  The thread-id path assumes tdfind() returns with
 * the owning process locked, since it joins the same unlock paths --
 * TODO confirm against tdfind().
 */
int
pget(pid_t pid, int flags, struct proc **pp)
{
	struct proc *p;
	struct thread *td1;
	int error;

	p = curproc;
	if (p->p_pid == pid) {
		PROC_LOCK(p);
	} else {
		p = NULL;
		if (pid <= PID_MAX) {
			if ((flags & PGET_NOTWEXIT) == 0)
				p = pfind_any(pid);
			else
				p = pfind(pid);
		} else if ((flags & PGET_NOTID) == 0) {
			/* Above the pid range: try it as a thread id. */
			td1 = tdfind(pid, -1);
			if (td1 != NULL)
				p = td1->td_proc;
		}
		if (p == NULL)
			return (ESRCH);
		if ((flags & PGET_CANSEE) != 0) {
			error = p_cansee(curthread, p);
			if (error != 0)
				goto errout;
		}
	}
	if ((flags & PGET_CANDEBUG) != 0) {
		error = p_candebug(curthread, p);
		if (error != 0)
			goto errout;
	}
	if ((flags & PGET_ISCURRENT) != 0 && curproc != p) {
		error = EPERM;
		goto errout;
	}
	if ((flags & PGET_NOTWEXIT) != 0 && (p->p_flag & P_WEXIT) != 0) {
		error = ESRCH;
		goto errout;
	}
	if ((flags & PGET_NOTINEXEC) != 0 && (p->p_flag & P_INEXEC) != 0) {
		/*
		 * XXXRW: Not clear ESRCH is the right error during proc
		 * execve().
		 */
		error = ESRCH;
		goto errout;
	}
	if ((flags & PGET_HOLD) != 0) {
		/* Caller wants a hold instead of the process lock. */
		_PHOLD(p);
		PROC_UNLOCK(p);
	}
	*pp = p;
	return (0);
errout:
	PROC_UNLOCK(p);
	return (error);
}
568
/*
 * Create a new process group.
 * pgid must be equal to the pid of p.
 * Begin a new session if required.
 *
 * Requires proctree_lock held exclusively.  pgrp is a caller-allocated
 * group that p becomes the leader of; sess, if non-NULL, is a
 * caller-allocated session that p leads as well (p must then be curproc).
 * p must not already be a session leader and no group with id pgid may
 * exist.
 *
 * Before anything is modified, the pg_killsx lock of p's current group is
 * try-locked.  If that fails, proctree_lock is dropped, the lock is waited
 * for and released again, and ERESTART is returned so the caller can redo
 * the whole operation from scratch.  On success the new group is hashed,
 * p is moved into it by doenterpgrp(), and 0 is returned.
 */
int
enterpgrp(struct proc *p, pid_t pgid, struct pgrp *pgrp, struct session *sess)
{
	struct pgrp *old_pgrp;

	sx_assert(&proctree_lock, SX_XLOCKED);

	KASSERT(pgrp != NULL, ("enterpgrp: pgrp == NULL"));
	KASSERT(p->p_pid == pgid,
	    ("enterpgrp: new pgrp and pid != pgid"));
	KASSERT(pgfind(pgid) == NULL,
	    ("enterpgrp: pgrp with pgid exists"));
	KASSERT(!SESS_LEADER(p),
	    ("enterpgrp: session leader attempted setpgrp"));

	old_pgrp = p->p_pgrp;
	if (!sx_try_xlock(&old_pgrp->pg_killsx)) {
		/* Contended: wait without proctree_lock, then let caller retry. */
		sx_xunlock(&proctree_lock);
		sx_xlock(&old_pgrp->pg_killsx);
		sx_xunlock(&old_pgrp->pg_killsx);
		return (ERESTART);
	}
	/* proctree_lock was not dropped, so p's group cannot have moved. */
	MPASS(old_pgrp == p->p_pgrp);

	if (sess != NULL) {
		/*
		 * new session
		 */
		mtx_init(&sess->s_mtx, "session", NULL, MTX_DEF);
		PROC_LOCK(p);
		/* A fresh session starts with no controlling terminal. */
		p->p_flag &= ~P_CONTROLT;
		PROC_UNLOCK(p);
		PGRP_LOCK(pgrp);
		sess->s_leader = p;
		sess->s_sid = p->p_pid;
		proc_id_set(PROC_ID_SESSION, p->p_pid);
		refcount_init(&sess->s_count, 1);
		sess->s_ttyvp = NULL;
		sess->s_ttydp = NULL;
		sess->s_ttyp = NULL;
		/* The login name carries over from the session p is leaving. */
		bcopy(p->p_session->s_login, sess->s_login,
		    sizeof(sess->s_login));
		pgrp->pg_session = sess;
		KASSERT(p == curproc,
		    ("enterpgrp: mksession and p != curproc"));
	} else {
		/* Stay in p's session; the new group takes a reference. */
		pgrp->pg_session = p->p_session;
		sess_hold(pgrp->pg_session);
		PGRP_LOCK(pgrp);
	}
	pgrp->pg_id = pgid;
	proc_id_set(PROC_ID_GROUP, p->p_pid);
	LIST_INIT(&pgrp->pg_members);
	pgrp->pg_flags = 0;

	/*
	 * As we have an exclusive lock of proctree_lock,
	 * this should not deadlock.
	 */
	LIST_INSERT_HEAD(PGRPHASH(pgid), pgrp, pg_hash);
	SLIST_INIT(&pgrp->pg_sigiolst);
	PGRP_UNLOCK(pgrp);

	doenterpgrp(p, pgrp);

	sx_xunlock(&old_pgrp->pg_killsx);
	return (0);
}
642
/*
 * Move p to an existing process group
 *
 * Requires proctree_lock held exclusively and none of p's, pgrp's, the
 * old group's or the session's locks held.  pgrp must belong to the same
 * session as p and must not already be p's group.
 *
 * The pg_killsx locks of the old group and then the new group are
 * try-locked, in that order.  If either attempt fails, whatever was taken
 * is released along with proctree_lock, the contended lock is waited for
 * and dropped, and ERESTART is returned so the caller can redo the whole
 * operation; nothing has been modified at that point.  Otherwise p is
 * moved by doenterpgrp() and 0 is returned.
 */
int
enterthispgrp(struct proc *p, struct pgrp *pgrp)
{
	struct pgrp *old_pgrp;

	sx_assert(&proctree_lock, SX_XLOCKED);
	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
	PGRP_LOCK_ASSERT(pgrp, MA_NOTOWNED);
	PGRP_LOCK_ASSERT(p->p_pgrp, MA_NOTOWNED);
	SESS_LOCK_ASSERT(p->p_session, MA_NOTOWNED);
	KASSERT(pgrp->pg_session == p->p_session,
	    ("%s: pgrp's session %p, p->p_session %p proc %p\n",
	    __func__, pgrp->pg_session, p->p_session, p));
	KASSERT(pgrp != p->p_pgrp,
	    ("%s: p %p belongs to pgrp %p", __func__, p, pgrp));

	old_pgrp = p->p_pgrp;
	if (!sx_try_xlock(&old_pgrp->pg_killsx)) {
		/* Contended on the old group: wait unlocked, then retry. */
		sx_xunlock(&proctree_lock);
		sx_xlock(&old_pgrp->pg_killsx);
		sx_xunlock(&old_pgrp->pg_killsx);
		return (ERESTART);
	}
	MPASS(old_pgrp == p->p_pgrp);
	if (!sx_try_xlock(&pgrp->pg_killsx)) {
		/* Contended on the new group: release the old one first. */
		sx_xunlock(&old_pgrp->pg_killsx);
		sx_xunlock(&proctree_lock);
		sx_xlock(&pgrp->pg_killsx);
		sx_xunlock(&pgrp->pg_killsx);
		return (ERESTART);
	}

	doenterpgrp(p, pgrp);

	sx_xunlock(&pgrp->pg_killsx);
	sx_xunlock(&old_pgrp->pg_killsx);
	return (0);
}
684
/*
 * If true, any child of q which belongs to group pgrp, qualifies the
 * process group pgrp as not orphaned.
 *
 * q qualifies when it is outside pgrp but inside pgrp's session.
 * Requires proctree_lock (shared or exclusive).
 */
static bool
isjobproc(struct proc *q, struct pgrp *pgrp)
{
	struct pgrp *qgrp;

	sx_assert(&proctree_lock, SX_LOCKED);

	qgrp = q->p_pgrp;
	if (qgrp == pgrp)
		return (false);
	return (qgrp->pg_session == pgrp->pg_session);
}
697
/*
 * Find the reaper that counts for job control purposes for p.
 *
 * Walks the p_reaper chain starting at p's reaper and stops at the first
 * one that either reaps itself (the root of the chain) or has not exited
 * its process group (P_TREE_GRPEXITED clear).  Requires proctree_lock.
 */
static struct proc *
jobc_reaper(struct proc *p)
{
	struct proc *reaper;

	sx_assert(&proctree_lock, SA_LOCKED);

	reaper = p->p_reaper;
	while (reaper->p_reaper != reaper &&
	    (reaper->p_treeflag & P_TREE_GRPEXITED) != 0)
		reaper = reaper->p_reaper;
	return (reaper);
}
712
/*
 * Find the parent that counts for job control purposes for p.
 *
 * Normally p's real parent.  If that parent has already exited its group
 * (P_TREE_GRPEXITED) the walk continues to jobc_reaper(), except when the
 * parent has no parent itself or is p_exiting, the process whose exit is
 * being handled (fixjobc_kill() passes it so that its own freshly-set
 * flag is ignored).  Requires proctree_lock.
 */
static struct proc *
jobc_parent(struct proc *p, struct proc *p_exiting)
{
	struct proc *parent;
	bool use_parent;

	sx_assert(&proctree_lock, SA_LOCKED);

	parent = proc_realparent(p);
	use_parent = parent->p_pptr == NULL || parent == p_exiting ||
	    (parent->p_treeflag & P_TREE_GRPEXITED) == 0;
	return (use_parent ? parent : jobc_reaper(parent));
}
726
/*
 * Count the members of pgrp whose job-control parent qualifies the group
 * as not orphaned (see isjobproc()).
 *
 * Members that have exited their group (P_TREE_GRPEXITED) or have no
 * parent are skipped.  Must be called with either the group lock or
 * proctree_lock held.
 */
static int
pgrp_calc_jobc(struct pgrp *pgrp)
{
	struct proc *member;
	int jobc = 0;

#ifdef INVARIANTS
	if (!mtx_owned(&pgrp->pg_mtx))
		sx_assert(&proctree_lock, SA_LOCKED);
#endif

	LIST_FOREACH(member, &pgrp->pg_members, p_pglist) {
		if ((member->p_treeflag & P_TREE_GRPEXITED) != 0)
			continue;
		if (member->p_pptr == NULL)
			continue;
		if (isjobproc(jobc_parent(member, NULL), pgrp))
			jobc++;
	}
	return (jobc);
}
748
/*
 * Move p to a process group
 *
 * Common tail of enterpgrp() and enterthispgrp().  Requires proctree_lock
 * held exclusively and none of p's, pgrp's, the old group's or the
 * session's locks held; they are taken here.  Both group locks are held
 * at once, which pgrp_init() allows via MTX_DUPOK.
 *
 * If p's job-control parent qualified the old group and p was the only
 * such member (pgrp_calc_jobc() == 1), the old group is orphaned before p
 * leaves.  After the move, a qualifying parent clears PGRP_ORPHANED on
 * the new group.  An old group left with no members is deleted.
 */
static void
doenterpgrp(struct proc *p, struct pgrp *pgrp)
{
	struct pgrp *savepgrp;
	struct proc *pp;

	sx_assert(&proctree_lock, SX_XLOCKED);
	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
	PGRP_LOCK_ASSERT(pgrp, MA_NOTOWNED);
	PGRP_LOCK_ASSERT(p->p_pgrp, MA_NOTOWNED);
	SESS_LOCK_ASSERT(p->p_session, MA_NOTOWNED);

	savepgrp = p->p_pgrp;
	pp = jobc_parent(p, NULL);

	PGRP_LOCK(pgrp);
	PGRP_LOCK(savepgrp);
	/* p is the last member keeping the old group a job: orphan it. */
	if (isjobproc(pp, savepgrp) && pgrp_calc_jobc(savepgrp) == 1)
		orphanpg(savepgrp);
	PROC_LOCK(p);
	LIST_REMOVE(p, p_pglist);
	p->p_pgrp = pgrp;
	PROC_UNLOCK(p);
	LIST_INSERT_HEAD(&pgrp->pg_members, p, p_pglist);
	if (isjobproc(pp, pgrp))
		pgrp->pg_flags &= ~PGRP_ORPHANED;
	PGRP_UNLOCK(savepgrp);
	PGRP_UNLOCK(pgrp);
	if (LIST_EMPTY(&savepgrp->pg_members))
		pgdelete(savepgrp);
}
783
/*
 * remove process from process group
 *
 * Requires proctree_lock held exclusively.  Unlinks p from its group's
 * member list and clears p->p_pgrp under the group and process locks; a
 * group left empty is torn down with pgdelete().  Unlike doenterpgrp(),
 * no orphan recalculation is done here.  Always returns 0.
 */
int
leavepgrp(struct proc *p)
{
	struct pgrp *savepgrp;

	sx_assert(&proctree_lock, SX_XLOCKED);
	savepgrp = p->p_pgrp;
	PGRP_LOCK(savepgrp);
	PROC_LOCK(p);
	LIST_REMOVE(p, p_pglist);
	p->p_pgrp = NULL;
	PROC_UNLOCK(p);
	PGRP_UNLOCK(savepgrp);
	if (LIST_EMPTY(&savepgrp->pg_members))
		pgdelete(savepgrp);
	return (0);
}
804
/*
 * delete a process group
 *
 * Requires proctree_lock held exclusively and neither the group lock nor
 * the session lock held.  Detaches F_SETOWN sigio registrations naming the
 * group, unhashes it, drops the controlling tty's reference to it,
 * returns the group id to the PROC_ID_GROUP bitmap, frees the group and
 * finally drops the reference the group held on its session.
 *
 * NOTE(review): tty_lock(tp) is taken before tty_rel_pgrp() and no
 * tty_unlock() follows, so tty_rel_pgrp() is presumably expected to
 * release it -- confirm.
 */
static void
pgdelete(struct pgrp *pgrp)
{
	struct session *savesess;
	struct tty *tp;

	sx_assert(&proctree_lock, SX_XLOCKED);
	PGRP_LOCK_ASSERT(pgrp, MA_NOTOWNED);
	SESS_LOCK_ASSERT(pgrp->pg_session, MA_NOTOWNED);

	/*
	 * Reset any sigio structures pointing to us as a result of
	 * F_SETOWN with our pgid. The proctree lock ensures that
	 * new sigio structures will not be added after this point.
	 */
	funsetownlst(&pgrp->pg_sigiolst);

	PGRP_LOCK(pgrp);
	tp = pgrp->pg_session->s_ttyp;
	LIST_REMOVE(pgrp, pg_hash);
	savesess = pgrp->pg_session;
	PGRP_UNLOCK(pgrp);

	/* Remove the reference to the pgrp before deallocating it. */
	if (tp != NULL) {
		tty_lock(tp);
		tty_rel_pgrp(tp, pgrp);
	}

	proc_id_clear(PROC_ID_GROUP, pgrp->pg_id);
	uma_zfree(pgrp_zone, pgrp);
	/* The session reference is dropped last; it may free the session. */
	sess_release(savesess);
}
841
842
/*
 * Job-control bookkeeping for an exiting process.
 *
 * Called from killjobc() with proctree_lock held and none of p's, its
 * group's or its session's locks held.  Marks p with P_TREE_GRPEXITED so
 * pgrp_calc_jobc() and jobc_parent() stop counting it, then re-evaluates
 * orphan status for p's own group, for the groups of p's children (which
 * will be reparented to the reaper) and for the groups of processes on
 * p's orphan list.  A group is orphaned only when its job count is zero
 * and p was what qualified it; otherwise PGRP_ORPHANED is cleared.
 */
static void
fixjobc_kill(struct proc *p)
{
	struct proc *q;
	struct pgrp *pgrp;

	sx_assert(&proctree_lock, SX_LOCKED);
	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
	pgrp = p->p_pgrp;
	PGRP_LOCK_ASSERT(pgrp, MA_NOTOWNED);
	SESS_LOCK_ASSERT(pgrp->pg_session, MA_NOTOWNED);

	/*
	 * p no longer affects process group orphanage for children.
	 * It is marked by the flag because p is only physically
	 * removed from its process group on wait(2).
	 */
	MPASS((p->p_treeflag & P_TREE_GRPEXITED) == 0);
	p->p_treeflag |= P_TREE_GRPEXITED;

	/*
	 * Check if exiting p orphans its own group.
	 */
	pgrp = p->p_pgrp;
	if (isjobproc(jobc_parent(p, NULL), pgrp)) {
		PGRP_LOCK(pgrp);
		if (pgrp_calc_jobc(pgrp) == 0)
			orphanpg(pgrp);
		PGRP_UNLOCK(pgrp);
	}

	/*
	 * Check this process' children to see whether they qualify
	 * their process groups after reparenting to reaper.
	 */
	LIST_FOREACH(q, &p->p_children, p_sibling) {
		pgrp = q->p_pgrp;
		PGRP_LOCK(pgrp);
		if (pgrp_calc_jobc(pgrp) == 0) {
			/*
			 * We want to handle exactly the children that
			 * has p as realparent. Then, when calculating
			 * jobc_parent for children, we should ignore
			 * P_TREE_GRPEXITED flag already set on p.
			 */
			if (jobc_parent(q, p) == p && isjobproc(p, pgrp))
				orphanpg(pgrp);
		} else
			pgrp->pg_flags &= ~PGRP_ORPHANED;
		PGRP_UNLOCK(pgrp);
	}
	/* Same for processes that were orphaned onto p. */
	LIST_FOREACH(q, &p->p_orphans, p_orphan) {
		pgrp = q->p_pgrp;
		PGRP_LOCK(pgrp);
		if (pgrp_calc_jobc(pgrp) == 0) {
			if (isjobproc(p, pgrp))
				orphanpg(pgrp);
		} else
			pgrp->pg_flags &= ~PGRP_ORPHANED;
		PGRP_UNLOCK(pgrp);
	}
}
905
/*
 * Tear down job-control state for the exiting current process.
 *
 * Called on the exit path with P_WEXIT already set and proctree_lock
 * held.  NOTE(review): the assertion below accepts a shared lock, but the
 * controlling-tty branch does sx_xunlock()/sx_xlock() on proctree_lock,
 * so callers must in fact hold it exclusively.
 *
 * If p leads a session: s_ttyvp/s_ttydp and the leader pointer are
 * cleared under the session lock, the tty's foreground group is sent
 * SIGHUP if the tty still belongs to this session, and the tty vnode is
 * revoked (REVOKEALL) with proctree_lock dropped around the vnode
 * operations -- the process tree may change before it is reacquired.
 * Finally fixjobc_kill() updates orphan status for the affected groups.
 */
void
killjobc(void)
{
	struct session *sp;
	struct tty *tp;
	struct proc *p;
	struct vnode *ttyvp;

	p = curproc;
	MPASS(p->p_flag & P_WEXIT);
	sx_assert(&proctree_lock, SX_LOCKED);

	if (SESS_LEADER(p)) {
		sp = p->p_session;

		/*
		 * s_ttyp is not zero'd; we use this to indicate that
		 * the session once had a controlling terminal. (for
		 * logging and informational purposes)
		 */
		SESS_LOCK(sp);
		ttyvp = sp->s_ttyvp;
		tp = sp->s_ttyp;
		sp->s_ttyvp = NULL;
		sp->s_ttydp = NULL;
		sp->s_leader = NULL;
		SESS_UNLOCK(sp);

		/*
		 * Signal foreground pgrp and revoke access to
		 * controlling terminal if it has not been revoked
		 * already.
		 *
		 * Because the TTY may have been revoked in the mean
		 * time and could already have a new session associated
		 * with it, make sure we don't send a SIGHUP to a
		 * foreground process group that does not belong to this
		 * session.
		 */

		if (tp != NULL) {
			tty_lock(tp);
			if (tp->t_session == sp)
				tty_signal_pgrp(tp, SIGHUP);
			tty_unlock(tp);
		}

		if (ttyvp != NULL) {
			/* Vnode locking must not be done under proctree_lock. */
			sx_xunlock(&proctree_lock);
			if (vn_lock(ttyvp, LK_EXCLUSIVE) == 0) {
				VOP_REVOKE(ttyvp, REVOKEALL);
				VOP_UNLOCK(ttyvp);
			}
			devfs_ctty_unref(ttyvp);
			sx_xlock(&proctree_lock);
		}
	}
	fixjobc_kill(p);
}
965
/*
 * A process group has become orphaned, mark it as such for signal
 * delivery code. If there are any stopped processes in the group,
 * hang-up all process in that group.
 *
 * Requires the group lock.  PGRP_ORPHANED is set unconditionally.  The
 * members are then scanned; at the first one stopped by a signal
 * (P_STOPPED_SIG) every member is sent SIGHUP followed by SIGCONT, each
 * under its own process lock, and the function returns.  The inner loop
 * reuses the outer loop variable, which is only safe because the outer
 * loop is abandoned by the return right after it.
 */
static void
orphanpg(struct pgrp *pg)
{
	struct proc *p;

	PGRP_LOCK_ASSERT(pg, MA_OWNED);

	pg->pg_flags |= PGRP_ORPHANED;

	LIST_FOREACH(p, &pg->pg_members, p_pglist) {
		PROC_LOCK(p);
		if (P_SHOULDSTOP(p) == P_STOPPED_SIG) {
			PROC_UNLOCK(p);
			LIST_FOREACH(p, &pg->pg_members, p_pglist) {
				PROC_LOCK(p);
				kern_psignal(p, SIGHUP);
				kern_psignal(p, SIGCONT);
				PROC_UNLOCK(p);
			}
			return;
		}
		PROC_UNLOCK(p);
	}
}
995
/*
 * Take a reference on session s.  Pair with sess_release().
 */
void
sess_hold(struct session *s)
{
	volatile u_int *cnt = &s->s_count;

	refcount_acquire(cnt);
}
1002
/*
 * Drop a reference on session s; tear it down when the last one goes.
 *
 * On the final release the tty, if the session ever had one, is told to
 * forget the session, the session id is returned to the PROC_ID_SESSION
 * bitmap, the mutex is destroyed and the memory freed.
 *
 * NOTE(review): tty_lock() is taken before tty_rel_sess() and no
 * tty_unlock() follows, so tty_rel_sess() is presumably expected to
 * release it -- confirm.
 */
void
sess_release(struct session *s)
{

	if (refcount_release(&s->s_count)) {
		if (s->s_ttyp != NULL) {
			tty_lock(s->s_ttyp);
			tty_rel_sess(s->s_ttyp, s);
		}
		proc_id_clear(PROC_ID_SESSION, s->s_sid);
		mtx_destroy(&s->s_mtx);
		free(s, M_SESSION);
	}
}
1017
1018 #ifdef DDB
1019
/*
 * DDB helper: print one member p of group pgrp -- its pid, address, parent
 * pid (-1 if none), group pointer, whether it has exited its group, and
 * whether its parent qualifies pgrp as a job (0 if it has no parent).
 */
static void
db_print_pgrp_one(struct pgrp *pgrp, struct proc *p)
{
	struct proc *parent = p->p_pptr;
	int ppid, jc;

	ppid = (parent == NULL) ? -1 : parent->p_pid;
	jc = (parent == NULL) ? 0 : isjobproc(parent, pgrp);
	db_printf(" pid %d at %p pr %d pgrp %p e %d jc %d\n",
	    p->p_pid, p, ppid, p->p_pgrp,
	    (p->p_treeflag & P_TREE_GRPEXITED) != 0, jc);
}
1029
/*
 * DDB "show pgrpdump": walk every non-empty pgrp hash bucket and print
 * each group (pointer, id, session, session refcount, first member)
 * followed by one line per member via db_print_pgrp_one().
 */
DB_SHOW_COMMAND(pgrpdump, pgrpdump)
{
	struct pgrp *grp;
	struct proc *member;
	int bucket;

	for (bucket = 0; bucket <= pgrphash; bucket++) {
		if (LIST_EMPTY(&pgrphashtbl[bucket]))
			continue;
		db_printf("indx %d\n", bucket);
		LIST_FOREACH(grp, &pgrphashtbl[bucket], pg_hash) {
			db_printf(
			    " pgrp %p, pgid %d, sess %p, sesscnt %d, mem %p\n",
			    grp, (int)grp->pg_id, grp->pg_session,
			    grp->pg_session->s_count,
			    LIST_FIRST(&grp->pg_members));
			LIST_FOREACH(member, &grp->pg_members, p_pglist)
				db_print_pgrp_one(grp, member);
		}
	}
}
1051 #endif /* DDB */
1052
/*
 * Calculate the kinfo_proc members which contain process-wide
 * informations.
 * Must be called with the target process locked.
 *
 * Resets ki_estcpu and ki_pctcpu and sums the scheduler's per-thread
 * estimates over every thread of p, each under its thread lock.
 */
static void
fill_kinfo_aggregate(struct proc *p, struct kinfo_proc *kp)
{
	struct thread *t;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	kp->ki_pctcpu = 0;
	kp->ki_estcpu = 0;
	FOREACH_THREAD_IN_PROC(p, t) {
		thread_lock(t);
		kp->ki_estcpu += sched_estcpu(t);
		kp->ki_pctcpu += sched_pctcpu(t);
		thread_unlock(t);
	}
}
1074
/*
 * Fill in any information that is common to all threads in the process.
 * Must be called with the target process locked.
 *
 * Copies process-wide state (credentials, signal dispositions, VM sizes,
 * resource usage, names, parent/tracer ids) from p into kp.  Several
 * fields are written only conditionally -- ki_jid, ki_stat, ki_comm,
 * ki_emul, ki_ppid, ki_tracer, and ki_cow which is only accumulated -- so
 * the caller is expected to pass in a zeroed kinfo_proc; TODO confirm at
 * the call sites.  That matters because kinfo_proc is presumably what the
 * kern.proc sysctls copy out to userland, and any field or padding left
 * uninitialized here would leak kernel memory.
 */
static void
fill_kinfo_proc_only(struct proc *p, struct kinfo_proc *kp)
{
	struct thread *td0;
	struct ucred *cred;
	struct sigacts *ps;
	struct timeval boottime;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	kp->ki_structsize = sizeof(*kp);
	kp->ki_paddr = p;
	kp->ki_addr =/* p->p_addr; */0; /* XXX */
	kp->ki_args = p->p_args;
	kp->ki_textvp = p->p_textvp;
#ifdef KTRACE
	kp->ki_tracep = ktr_get_tracevp(p, false);
	kp->ki_traceflag = p->p_traceflag;
#endif
	kp->ki_fd = p->p_fd;
	kp->ki_pd = p->p_pd;
	kp->ki_vmspace = p->p_vmspace;
	kp->ki_flag = p->p_flag;
	kp->ki_flag2 = p->p_flag2;
	cred = p->p_ucred;
	if (cred) {
		kp->ki_uid = cred->cr_uid;
		kp->ki_ruid = cred->cr_ruid;
		kp->ki_svuid = cred->cr_svuid;
		kp->ki_cr_flags = 0;
		if (cred->cr_flags & CRED_FLAG_CAPMODE)
			kp->ki_cr_flags |= KI_CRF_CAPABILITY_MODE;
		/* XXX bde doesn't like KI_NGROUPS */
		/*
		 * ki_groups has room for KI_NGROUPS entries; a longer group
		 * list is truncated and flagged rather than overrun.
		 */
		if (cred->cr_ngroups > KI_NGROUPS) {
			kp->ki_ngroups = KI_NGROUPS;
			kp->ki_cr_flags |= KI_CRF_GRP_OVERFLOW;
		} else
			kp->ki_ngroups = cred->cr_ngroups;
		bcopy(cred->cr_groups, kp->ki_groups,
		    kp->ki_ngroups * sizeof(gid_t));
		kp->ki_rgid = cred->cr_rgid;
		kp->ki_svgid = cred->cr_svgid;
		/* If jailed(cred), emulate the old P_JAILED flag. */
		if (jailed(cred)) {
			kp->ki_flag |= P_JAILED;
			/* If inside the jail, use 0 as a jail ID. */
			/*
			 * The jail id is only revealed to observers outside
			 * the target's prison; from inside, ki_jid is left
			 * untouched (hence the zeroed-kp expectation above).
			 */
			if (cred->cr_prison != curthread->td_ucred->cr_prison)
				kp->ki_jid = cred->cr_prison->pr_id;
		}
		strlcpy(kp->ki_loginclass, cred->cr_loginclass->lc_name,
		    sizeof(kp->ki_loginclass));
	}
	ps = p->p_sigacts;
	if (ps) {
		mtx_lock(&ps->ps_mtx);
		kp->ki_sigignore = ps->ps_sigignore;
		kp->ki_sigcatch = ps->ps_sigcatch;
		mtx_unlock(&ps->ps_mtx);
	}
	/* VM sizes are only meaningful for a fully constructed, live process. */
	if (p->p_state != PRS_NEW &&
	    p->p_state != PRS_ZOMBIE &&
	    p->p_vmspace != NULL) {
		struct vmspace *vm = p->p_vmspace;

		kp->ki_size = vm->vm_map.size;
		kp->ki_rssize = vmspace_resident_count(vm); /*XXX*/
		FOREACH_THREAD_IN_PROC(p, td0) {
			if (!TD_IS_SWAPPED(td0))
				kp->ki_rssize += td0->td_kstack_pages;
		}
		kp->ki_swrss = vm->vm_swrss;
		kp->ki_tsize = vm->vm_tsize;
		kp->ki_dsize = vm->vm_dsize;
		kp->ki_ssize = vm->vm_ssize;
	} else if (p->p_state == PRS_ZOMBIE)
		kp->ki_stat = SZOMB;
	if (kp->ki_flag & P_INMEM)
		kp->ki_sflag = PS_INMEM;
	else
		kp->ki_sflag = 0;
	/* Calculate legacy swtime as seconds since 'swtick'. */
	kp->ki_swtime = (ticks - p->p_swtick) / hz;
	kp->ki_pid = p->p_pid;
	kp->ki_nice = p->p_nice;
	kp->ki_fibnum = p->p_fibnum;
	/* p_start is relative to boot; report it as wall-clock time. */
	kp->ki_start = p->p_stats->p_start;
	getboottime(&boottime);
	timevaladd(&kp->ki_start, &boottime);
	PROC_STATLOCK(p);
	rufetch(p, &kp->ki_rusage);
	kp->ki_runtime = cputick2usec(p->p_rux.rux_runtime);
	calcru(p, &kp->ki_rusage.ru_utime, &kp->ki_rusage.ru_stime);
	PROC_STATUNLOCK(p);
	calccru(p, &kp->ki_childutime, &kp->ki_childstime);
	/* Some callers want child times in a single value. */
	kp->ki_childtime = kp->ki_childstime;
	timevaladd(&kp->ki_childtime, &kp->ki_childutime);

	/* Accumulates into ki_cow; relies on the caller having zeroed it. */
	FOREACH_THREAD_IN_PROC(p, td0)
		kp->ki_cow += td0->td_cow;

	if (p->p_comm[0] != '\0')
		strlcpy(kp->ki_comm, p->p_comm, sizeof(kp->ki_comm));
	if (p->p_sysent && p->p_sysent->sv_name != NULL &&
	    p->p_sysent->sv_name[0] != '\0')
		strlcpy(kp->ki_emul, p->p_sysent->sv_name, sizeof(kp->ki_emul));
	kp->ki_siglist = p->p_siglist;
	kp->ki_xstat = KW_EXITCODE(p->p_xexit, p->p_xsig);
	kp->ki_acflag = p->p_acflag;
	kp->ki_lock = p->p_lock;
	/*
	 * ki_ppid reports the original parent (p_oppid); when traced, the
	 * current p_pptr is the tracer and is reported separately.
	 */
	if (p->p_pptr) {
		kp->ki_ppid = p->p_oppid;
		if (p->p_flag & P_TRACED)
			kp->ki_tracer = p->p_pptr->p_pid;
	}
}
1195
/*
 * Fill job-related process information: process group id, job control
 * count, session id, login name and controlling terminal.
 *
 * Caller must hold proctree_lock (shared or exclusive) and the process
 * lock; both are asserted.  A process without a process group leaves the
 * job-related fields untouched.
 */
static void
fill_kinfo_proc_pgrp(struct proc *p, struct kinfo_proc *kp)
{
	struct tty *tp;
	struct session *sp;
	struct pgrp *pgrp;

	sx_assert(&proctree_lock, SA_LOCKED);
	PROC_LOCK_ASSERT(p, MA_OWNED);

	pgrp = p->p_pgrp;
	if (pgrp == NULL)
		return;

	kp->ki_pgid = pgrp->pg_id;
	kp->ki_jobc = pgrp_calc_jobc(pgrp);

	sp = pgrp->pg_session;
	tp = NULL;

	if (sp != NULL) {
		kp->ki_sid = sp->s_sid;
		/* s_login, s_ttyvp and s_ttyp are read under the session lock. */
		SESS_LOCK(sp);
		strlcpy(kp->ki_login, sp->s_login, sizeof(kp->ki_login));
		if (sp->s_ttyvp)
			kp->ki_kiflag |= KI_CTTY;
		if (SESS_LEADER(p))
			kp->ki_kiflag |= KI_SLEADER;
		tp = sp->s_ttyp;
		SESS_UNLOCK(sp);
	}

	/*
	 * NOTE(review): 'tp' is dereferenced after the session lock is
	 * dropped; presumably proctree_lock keeps the tty stable here.
	 */
	if ((p->p_flag & P_CONTROLT) && tp != NULL) {
		kp->ki_tdev = tty_udev(tp);
		kp->ki_tdev_freebsd11 = kp->ki_tdev; /* truncate */
		kp->ki_tpgid = tp->t_pgrp ? tp->t_pgrp->pg_id : NO_PID;
		if (tp->t_session)
			kp->ki_tsid = tp->t_session->s_sid;
	} else {
		kp->ki_tdev = NODEV;
		kp->ki_tdev_freebsd11 = kp->ki_tdev; /* truncate */
	}
}
1242
/*
 * Fill in information that is thread specific.  Must be called with
 * target process locked.  If 'preferthread' is set, overwrite certain
 * process-related fields that are maintained for both threads and
 * processes (rusage, runtime, cpu estimates, cow count and pending
 * signals) with this thread's values.
 *
 * The thread lock is held around the whole extraction.  With
 * 'preferthread' the process stat lock is taken as well, around the
 * per-thread rusage fetch.
 */
static void
fill_kinfo_thread(struct thread *td, struct kinfo_proc *kp, int preferthread)
{
	struct proc *p;

	p = td->td_proc;
	kp->ki_tdaddr = td;
	PROC_LOCK_ASSERT(p, MA_OWNED);

	if (preferthread)
		PROC_STATLOCK(p);
	thread_lock(td);
	if (td->td_wmesg != NULL)
		strlcpy(kp->ki_wmesg, td->td_wmesg, sizeof(kp->ki_wmesg));
	else
		bzero(kp->ki_wmesg, sizeof(kp->ki_wmesg));
	/*
	 * A thread name longer than ki_tdname can hold continues in
	 * ki_moretdname; the tail starts at the byte strlcpy() replaced
	 * with the terminating NUL.
	 */
	if (strlcpy(kp->ki_tdname, td->td_name, sizeof(kp->ki_tdname)) >=
	    sizeof(kp->ki_tdname)) {
		strlcpy(kp->ki_moretdname,
		    td->td_name + sizeof(kp->ki_tdname) - 1,
		    sizeof(kp->ki_moretdname));
	} else {
		bzero(kp->ki_moretdname, sizeof(kp->ki_moretdname));
	}
	/*
	 * Both branches fully reset the lock fields: kern_proc_out() reuses
	 * one kinfo_proc for every thread of the process.
	 */
	if (TD_ON_LOCK(td)) {
		kp->ki_kiflag |= KI_LOCKBLOCK;
		strlcpy(kp->ki_lockname, td->td_lockname,
		    sizeof(kp->ki_lockname));
	} else {
		kp->ki_kiflag &= ~KI_LOCKBLOCK;
		bzero(kp->ki_lockname, sizeof(kp->ki_lockname));
	}

	if (p->p_state == PRS_NORMAL) { /* approximate. */
		if (TD_ON_RUNQ(td) ||
		    TD_CAN_RUN(td) ||
		    TD_IS_RUNNING(td)) {
			kp->ki_stat = SRUN;
		} else if (P_SHOULDSTOP(p)) {
			kp->ki_stat = SSTOP;
		} else if (TD_IS_SLEEPING(td)) {
			kp->ki_stat = SSLEEP;
		} else if (TD_ON_LOCK(td)) {
			kp->ki_stat = SLOCK;
		} else {
			kp->ki_stat = SWAIT;
		}
	} else if (p->p_state == PRS_ZOMBIE) {
		kp->ki_stat = SZOMB;
	} else {
		kp->ki_stat = SIDL;
	}

	/* Things in the thread */
	kp->ki_wchan = td->td_wchan;
	kp->ki_pri.pri_level = td->td_priority;
	kp->ki_pri.pri_native = td->td_base_pri;

	/*
	 * Note: legacy fields; clamp at the old NOCPU value and/or
	 * the maximum u_char CPU value.
	 */
	if (td->td_lastcpu == NOCPU)
		kp->ki_lastcpu_old = NOCPU_OLD;
	else if (td->td_lastcpu > MAXCPU_OLD)
		kp->ki_lastcpu_old = MAXCPU_OLD;
	else
		kp->ki_lastcpu_old = td->td_lastcpu;

	if (td->td_oncpu == NOCPU)
		kp->ki_oncpu_old = NOCPU_OLD;
	else if (td->td_oncpu > MAXCPU_OLD)
		kp->ki_oncpu_old = MAXCPU_OLD;
	else
		kp->ki_oncpu_old = td->td_oncpu;

	kp->ki_lastcpu = td->td_lastcpu;
	kp->ki_oncpu = td->td_oncpu;
	kp->ki_tdflags = td->td_flags;
	kp->ki_tid = td->td_tid;
	kp->ki_numthreads = p->p_numthreads;
	/* ki_pcb and ki_kstack are kernel addresses exported as-is. */
	kp->ki_pcb = td->td_pcb;
	kp->ki_kstack = (void *)td->td_kstack;
	/* Legacy sleep time in seconds, measured from td_slptick. */
	kp->ki_slptime = (ticks - td->td_slptick) / hz;
	kp->ki_pri.pri_class = td->td_pri_class;
	kp->ki_pri.pri_user = td->td_user_pri;

	if (preferthread) {
		rufetchtd(td, &kp->ki_rusage);
		kp->ki_runtime = cputick2usec(td->td_rux.rux_runtime);
		kp->ki_pctcpu = sched_pctcpu(td);
		kp->ki_estcpu = sched_estcpu(td);
		kp->ki_cow = td->td_cow;
	}

	/* We can't get this anymore but ps etc never used it anyway. */
	kp->ki_rqindex = 0;

	if (preferthread)
		kp->ki_siglist = td->td_siglist;
	kp->ki_sigmask = td->td_sigmask;
	thread_unlock(td);
	if (preferthread)
		PROC_STATUNLOCK(p);
}
1354
/*
 * Populate a kinfo_proc for process 'p' from scratch.  The target process
 * must be locked.  The structure is zeroed and then filled in layers:
 * job/session data, process-wide data, the first thread's data (with the
 * process-level fields kept) and finally the aggregate over all threads.
 */
void
fill_kinfo_proc(struct proc *p, struct kinfo_proc *kp)
{
	struct thread *td0;

	td0 = FIRST_THREAD_IN_PROC(p);
	MPASS(td0 != NULL);

	bzero(kp, sizeof(*kp));

	fill_kinfo_proc_pgrp(p, kp);
	fill_kinfo_proc_only(p, kp);
	fill_kinfo_thread(td0, kp, 0);
	fill_kinfo_aggregate(p, kp);
}
1371
/*
 * Allocate a zero-filled pstats structure.  The allocation may sleep
 * (M_WAITOK); release it with pstats_free().
 */
struct pstats *
pstats_alloc(void)
{
	struct pstats *ps;

	ps = malloc(sizeof(*ps), M_SUBPROC, M_ZERO | M_WAITOK);
	return (ps);
}
1378
/*
 * Copy parts of p_stats; zero the rest of p_stats (statistics).
 *
 * The two ranges are delimited by the pstat_startzero/pstat_endzero and
 * pstat_startcopy/pstat_endcopy markers of struct pstats, so the layout
 * of the struct decides what a child inherits from 'src' and what it
 * starts fresh with in 'dst'.
 */
void
pstats_fork(struct pstats *src, struct pstats *dst)
{

	bzero(&dst->pstat_startzero,
	    __rangeof(struct pstats, pstat_startzero, pstat_endzero));
	bcopy(&src->pstat_startcopy, &dst->pstat_startcopy,
	    __rangeof(struct pstats, pstat_startcopy, pstat_endcopy));
}
1391
/*
 * Release a pstats structure obtained from pstats_alloc().
 */
void
pstats_free(struct pstats *ps)
{
	free(ps, M_SUBPROC);
}
1398
1399 #ifdef COMPAT_FREEBSD32
1400
/*
 * Narrow a kernel pointer to 32 bits for the COMPAT_FREEBSD32 kinfo_proc
 * layout; addresses that do not fit become 0.  This is typically used to
 * copy out a kernel address, so it could equally be replaced by an
 * assignment of zero.
 */
static inline uint32_t
ptr32_trim(const void *ptr)
{
	const uintptr_t uptr = (uintptr_t)ptr;

	if (uptr > UINT_MAX)
		return (0);
	return ((uint32_t)uptr);
}
1413
/*
 * Copy a pointer-typed field from a native kinfo_proc into the 32-bit
 * compat structure, narrowing it through ptr32_trim() (0 when the
 * address does not fit in 32 bits).
 */
#define PTRTRIM_CP(src,dst,fld) \
	do { (dst).fld = ptr32_trim((src).fld); } while (0)
1416
/*
 * Convert a native kinfo_proc into the kinfo_proc32 layout expected by
 * 32-bit consumers.  'ki32' is zeroed first, so any field not copied
 * below is reported as 0.  Pointer fields go through PTRTRIM_CP(), which
 * zeroes any kernel address that does not fit in 32 bits; fixed-size
 * string fields are copied including their terminating byte.
 */
static void
freebsd32_kinfo_proc_out(const struct kinfo_proc *ki, struct kinfo_proc32 *ki32)
{
	int i;

	bzero(ki32, sizeof(struct kinfo_proc32));
	ki32->ki_structsize = sizeof(struct kinfo_proc32);
	CP(*ki, *ki32, ki_layout);
	PTRTRIM_CP(*ki, *ki32, ki_args);
	PTRTRIM_CP(*ki, *ki32, ki_paddr);
	PTRTRIM_CP(*ki, *ki32, ki_addr);
	PTRTRIM_CP(*ki, *ki32, ki_tracep);
	PTRTRIM_CP(*ki, *ki32, ki_textvp);
	PTRTRIM_CP(*ki, *ki32, ki_fd);
	PTRTRIM_CP(*ki, *ki32, ki_vmspace);
	PTRTRIM_CP(*ki, *ki32, ki_wchan);
	CP(*ki, *ki32, ki_pid);
	CP(*ki, *ki32, ki_ppid);
	CP(*ki, *ki32, ki_pgid);
	CP(*ki, *ki32, ki_tpgid);
	CP(*ki, *ki32, ki_sid);
	CP(*ki, *ki32, ki_tsid);
	CP(*ki, *ki32, ki_jobc);
	CP(*ki, *ki32, ki_tdev);
	CP(*ki, *ki32, ki_tdev_freebsd11);
	CP(*ki, *ki32, ki_siglist);
	CP(*ki, *ki32, ki_sigmask);
	CP(*ki, *ki32, ki_sigignore);
	CP(*ki, *ki32, ki_sigcatch);
	CP(*ki, *ki32, ki_uid);
	CP(*ki, *ki32, ki_ruid);
	CP(*ki, *ki32, ki_svuid);
	CP(*ki, *ki32, ki_rgid);
	CP(*ki, *ki32, ki_svgid);
	CP(*ki, *ki32, ki_ngroups);
	/* All KI_NGROUPS slots are copied, not just the ki_ngroups valid ones. */
	for (i = 0; i < KI_NGROUPS; i++)
		CP(*ki, *ki32, ki_groups[i]);
	CP(*ki, *ki32, ki_size);
	CP(*ki, *ki32, ki_rssize);
	CP(*ki, *ki32, ki_swrss);
	CP(*ki, *ki32, ki_tsize);
	CP(*ki, *ki32, ki_dsize);
	CP(*ki, *ki32, ki_ssize);
	CP(*ki, *ki32, ki_xstat);
	CP(*ki, *ki32, ki_acflag);
	CP(*ki, *ki32, ki_pctcpu);
	CP(*ki, *ki32, ki_estcpu);
	CP(*ki, *ki32, ki_slptime);
	CP(*ki, *ki32, ki_swtime);
	CP(*ki, *ki32, ki_cow);
	CP(*ki, *ki32, ki_runtime);
	/* struct timeval fields need the 32-bit timeval conversion. */
	TV_CP(*ki, *ki32, ki_start);
	TV_CP(*ki, *ki32, ki_childtime);
	CP(*ki, *ki32, ki_flag);
	CP(*ki, *ki32, ki_kiflag);
	CP(*ki, *ki32, ki_traceflag);
	CP(*ki, *ki32, ki_stat);
	CP(*ki, *ki32, ki_nice);
	CP(*ki, *ki32, ki_lock);
	CP(*ki, *ki32, ki_rqindex);
	CP(*ki, *ki32, ki_oncpu);
	CP(*ki, *ki32, ki_lastcpu);

	/* XXX TODO: wrap cpu value as appropriate */
	CP(*ki, *ki32, ki_oncpu_old);
	CP(*ki, *ki32, ki_lastcpu_old);

	bcopy(ki->ki_tdname, ki32->ki_tdname, TDNAMLEN + 1);
	bcopy(ki->ki_wmesg, ki32->ki_wmesg, WMESGLEN + 1);
	bcopy(ki->ki_login, ki32->ki_login, LOGNAMELEN + 1);
	bcopy(ki->ki_lockname, ki32->ki_lockname, LOCKNAMELEN + 1);
	bcopy(ki->ki_comm, ki32->ki_comm, COMMLEN + 1);
	bcopy(ki->ki_emul, ki32->ki_emul, KI_EMULNAMELEN + 1);
	bcopy(ki->ki_loginclass, ki32->ki_loginclass, LOGINCLASSLEN + 1);
	bcopy(ki->ki_moretdname, ki32->ki_moretdname, MAXCOMLEN - TDNAMLEN + 1);
	CP(*ki, *ki32, ki_tracer);
	CP(*ki, *ki32, ki_flag2);
	CP(*ki, *ki32, ki_fibnum);
	CP(*ki, *ki32, ki_cr_flags);
	CP(*ki, *ki32, ki_jid);
	CP(*ki, *ki32, ki_numthreads);
	CP(*ki, *ki32, ki_tid);
	CP(*ki, *ki32, ki_pri);
	freebsd32_rusage_out(&ki->ki_rusage, &ki32->ki_rusage);
	freebsd32_rusage_out(&ki->ki_rusage_ch, &ki32->ki_rusage_ch);
	PTRTRIM_CP(*ki, *ki32, ki_pcb);
	PTRTRIM_CP(*ki, *ki32, ki_kstack);
	PTRTRIM_CP(*ki, *ki32, ki_udata);
	PTRTRIM_CP(*ki, *ki32, ki_tdaddr);
	CP(*ki, *ki32, ki_sflag);
	CP(*ki, *ki32, ki_tdflags);
}
1509 #endif
1510
/*
 * Compute how many bytes kern_proc_out() would emit for 'p' with the
 * given KERN_PROC_* flags: one record when KERN_PROC_NOTHREADS is set,
 * otherwise one per thread, each sized for the native or the 32-bit
 * compat layout depending on KERN_PROC_MASK32.
 *
 * The process lock must be held on entry and is dropped before return.
 */
static ssize_t
kern_proc_out_size(struct proc *p, int flags)
{
	ssize_t size;
	int nrecords;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	/* p_numthreads is read while the process lock is still held. */
	nrecords = (flags & KERN_PROC_NOTHREADS) != 0 ? 1 : p->p_numthreads;
#ifdef COMPAT_FREEBSD32
	if ((flags & KERN_PROC_MASK32) != 0)
		size = sizeof(struct kinfo_proc32) * nrecords;
	else
#endif
		size = sizeof(struct kinfo_proc) * nrecords;
	PROC_UNLOCK(p);
	return (size);
}
1536
/*
 * Append kinfo_proc records for process 'p' to 'sb': a single record for
 * the process (filled from its first thread) when KERN_PROC_NOTHREADS is
 * set, otherwise one record per thread with the thread-specific fields
 * preferred.  KERN_PROC_MASK32 selects the 32-bit compat layout.
 *
 * The process lock must be held on entry and is released before return.
 * Returns 0, or ENOMEM when sbuf_bcat() fails; the per-thread loop stops
 * at the first failure.
 */
int
kern_proc_out(struct proc *p, struct sbuf *sb, int flags)
{
	struct thread *td;
	struct kinfo_proc ki;
#ifdef COMPAT_FREEBSD32
	struct kinfo_proc32 ki32;
#endif
	int error;

	PROC_LOCK_ASSERT(p, MA_OWNED);
	MPASS(FIRST_THREAD_IN_PROC(p) != NULL);

	error = 0;
	fill_kinfo_proc(p, &ki);
	if ((flags & KERN_PROC_NOTHREADS) != 0) {
#ifdef COMPAT_FREEBSD32
		if ((flags & KERN_PROC_MASK32) != 0) {
			freebsd32_kinfo_proc_out(&ki, &ki32);
			if (sbuf_bcat(sb, &ki32, sizeof(ki32)) != 0)
				error = ENOMEM;
		} else
#endif
			if (sbuf_bcat(sb, &ki, sizeof(ki)) != 0)
				error = ENOMEM;
	} else {
		/*
		 * The same 'ki' is reused for every thread; only the
		 * thread-specific fields are rewritten by fill_kinfo_thread().
		 */
		FOREACH_THREAD_IN_PROC(p, td) {
			fill_kinfo_thread(td, &ki, 1);
#ifdef COMPAT_FREEBSD32
			if ((flags & KERN_PROC_MASK32) != 0) {
				freebsd32_kinfo_proc_out(&ki, &ki32);
				if (sbuf_bcat(sb, &ki32, sizeof(ki32)) != 0)
					error = ENOMEM;
			} else
#endif
				if (sbuf_bcat(sb, &ki, sizeof(ki)) != 0)
					error = ENOMEM;
			if (error != 0)
				break;
		}
	}
	PROC_UNLOCK(p);
	return (error);
}
1581
/*
 * Emit one process (and, unless KERN_PROC_NOTHREADS is set, each of its
 * threads) to a sysctl request.  A size-only probe (no old buffer) is
 * answered with the byte count from kern_proc_out_size().
 *
 * The process lock is held on entry and is released by the callee
 * (kern_proc_out_size() or kern_proc_out()) on every path.
 */
static int
sysctl_out_proc(struct proc *p, struct sysctl_req *req, int flags)
{
	struct sbuf sb;
	struct kinfo_proc ki;
	int error, error2;

	if (req->oldptr == NULL)
		return (SYSCTL_OUT(req, 0, kern_proc_out_size(p, flags)));

	/* Stage the records through an sbuf whose buffer is 'ki'. */
	sbuf_new_for_sysctl(&sb, (char *)&ki, sizeof(ki), req);
	sbuf_clear_flags(&sb, SBUF_INCLUDENUL);
	error = kern_proc_out(p, &sb, flags);
	error2 = sbuf_finish(&sb);
	sbuf_delete(&sb);
	/* An error from kern_proc_out() takes precedence over the sbuf one. */
	return (error != 0 ? error : error2);
}
1603
/*
 * Invoke 'cb' with 'cbarg' on every process except those still in the
 * PRS_NEW state.  The walk is striped across the pid hash locks: lock i
 * covers the hash chains j = i, i + pidhashlock + 1, ...  proctree_lock
 * and the stripe's pidhashtbl_lock are held shared around each stripe,
 * so the callback runs with both held and must return with the process
 * unlocked (asserted).  A non-zero callback return stops the walk and is
 * returned after the locks are dropped.
 */
int
proc_iterate(int (*cb)(struct proc *, void *), void *cbarg)
{
	struct proc *p;
	int error, i, j;

	for (i = 0; i < pidhashlock + 1; i++) {
		sx_slock(&proctree_lock);
		sx_slock(&pidhashtbl_lock[i]);
		for (j = i; j <= pidhash; j += pidhashlock + 1) {
			LIST_FOREACH(p, &pidhashtbl[j], p_hash) {
				if (p->p_state == PRS_NEW)
					continue;
				error = cb(p, cbarg);
				PROC_LOCK_ASSERT(p, MA_NOTOWNED);
				if (error != 0) {
					sx_sunlock(&pidhashtbl_lock[i]);
					sx_sunlock(&proctree_lock);
					return (error);
				}
			}
		}
		sx_sunlock(&pidhashtbl_lock[i]);
		sx_sunlock(&proctree_lock);
	}
	return (0);
}
1631
/*
 * Per-request state handed from sysctl_kern_proc() to the
 * sysctl_kern_proc_iterate() callback through proc_iterate().
 */
struct kern_proc_out_args {
	struct sysctl_req *req;	/* the sysctl request being served */
	int flags;		/* KERN_PROC_NOTHREADS / KERN_PROC_MASK32 */
	int oid_number;		/* KERN_PROC_* selector, INC_THREAD bit cleared */
	int *name;		/* sysctl name; name[0] is the filter value */
};
1638
/*
 * proc_iterate() callback for sysctl_kern_proc(): decide whether 'p'
 * matches the requested KERN_PROC_* filter and, if so, emit it with
 * sysctl_out_proc().
 *
 * The visibility policy is enforced first: a process the calling thread
 * may not see (p_cansee()) is skipped silently, before any of its data
 * is examined.  The process lock is taken here and released either by
 * the 'skip' path or by sysctl_out_proc().  Returns 0 for a skipped or
 * successfully emitted process, else the error from sysctl_out_proc().
 */
static int
sysctl_kern_proc_iterate(struct proc *p, void *origarg)
{
	struct kern_proc_out_args *arg = origarg;
	int *name = arg->name;
	int oid_number = arg->oid_number;
	int flags = arg->flags;
	struct sysctl_req *req = arg->req;
	int error = 0;

	PROC_LOCK(p);

	KASSERT(p->p_ucred != NULL,
	    ("process credential is NULL for non-NEW proc"));
	/*
	 * Show a user only appropriate processes.
	 */
	if (p_cansee(curthread, p))
		goto skip;
	/*
	 * TODO - make more efficient (see notes below).
	 * do by session.
	 */
	switch (oid_number) {
	case KERN_PROC_GID:
		if (p->p_ucred->cr_gid != (gid_t)name[0])
			goto skip;
		break;

	case KERN_PROC_PGRP:
		/* could do this by traversing pgrp */
		if (p->p_pgrp == NULL ||
		    p->p_pgrp->pg_id != (pid_t)name[0])
			goto skip;
		break;

	case KERN_PROC_RGID:
		if (p->p_ucred->cr_rgid != (gid_t)name[0])
			goto skip;
		break;

	case KERN_PROC_SESSION:
		if (p->p_session == NULL ||
		    p->p_session->s_sid != (pid_t)name[0])
			goto skip;
		break;

	case KERN_PROC_TTY:
		if ((p->p_flag & P_CONTROLT) == 0 ||
		    p->p_session == NULL)
			goto skip;
		/* XXX proctree_lock */
		SESS_LOCK(p->p_session);
		if (p->p_session->s_ttyp == NULL ||
		    tty_udev(p->p_session->s_ttyp) !=
		    (dev_t)name[0]) {
			SESS_UNLOCK(p->p_session);
			goto skip;
		}
		SESS_UNLOCK(p->p_session);
		break;

	case KERN_PROC_UID:
		if (p->p_ucred->cr_uid != (uid_t)name[0])
			goto skip;
		break;

	case KERN_PROC_RUID:
		if (p->p_ucred->cr_ruid != (uid_t)name[0])
			goto skip;
		break;

	case KERN_PROC_PROC:
		break;

	default:
		/* KERN_PROC_ALL and anything unrecognised: no filtering. */
		break;
	}
	error = sysctl_out_proc(p, req, flags);
	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
	return (error);
skip:
	PROC_UNLOCK(p);
	return (0);
}
1724
/*
 * Sysctl handler behind the kern.proc.* process-listing nodes.  The
 * node's oid_number selects the filter (KERN_PROC_ALL, _PID, _PGRP, ...)
 * and its KERN_PROC_INC_THREAD bit asks for one record per thread.
 *
 * A KERN_PROC_PID request is served directly through pget() with
 * PGET_CANSEE; every other selector walks all processes with
 * proc_iterate() and filters in sysctl_kern_proc_iterate().  The sysctl
 * name length is validated per selector before anything is looked up.
 */
static int
sysctl_kern_proc(SYSCTL_HANDLER_ARGS)
{
	struct kern_proc_out_args iterarg;
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	int flags, oid_number;
	int error = 0;

	oid_number = oidp->oid_number;
	if (oid_number != KERN_PROC_ALL &&
	    (oid_number & KERN_PROC_INC_THREAD) == 0)
		flags = KERN_PROC_NOTHREADS;
	else {
		flags = 0;
		oid_number &= ~KERN_PROC_INC_THREAD;
	}
#ifdef COMPAT_FREEBSD32
	if (req->flags & SCTL_MASK32)
		flags |= KERN_PROC_MASK32;
#endif
	if (oid_number == KERN_PROC_PID) {
		if (namelen != 1)
			return (EINVAL);
		error = sysctl_wire_old_buffer(req, 0);
		if (error)
			return (error);
		/* pget() applies the visibility check and returns 'p' locked. */
		sx_slock(&proctree_lock);
		error = pget((pid_t)name[0], PGET_CANSEE, &p);
		if (error == 0)
			error = sysctl_out_proc(p, req, flags);
		sx_sunlock(&proctree_lock);
		return (error);
	}

	switch (oid_number) {
	case KERN_PROC_ALL:
		if (namelen != 0)
			return (EINVAL);
		break;
	case KERN_PROC_PROC:
		if (namelen != 0 && namelen != 1)
			return (EINVAL);
		break;
	default:
		if (namelen != 1)
			return (EINVAL);
		break;
	}

	if (req->oldptr == NULL) {
		/* overestimate by 5 procs */
		error = SYSCTL_OUT(req, 0, sizeof (struct kinfo_proc) * 5);
		if (error)
			return (error);
	} else {
		error = sysctl_wire_old_buffer(req, 0);
		if (error != 0)
			return (error);
	}
	iterarg.flags = flags;
	iterarg.oid_number = oid_number;
	iterarg.req = req;
	iterarg.name = name;
	error = proc_iterate(sysctl_kern_proc_iterate, &iterarg);
	return (error);
}
1793
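/*
 * Allocate a pargs structure able to hold 'len' bytes of argument data.
 * The result has a reference count of one and ar_length set; ar_args is
 * left for the caller to fill.  Release it with pargs_drop().
 *
 * 'len' must be non-negative: it is added to sizeof(*pa) as a size_t, so
 * a negative value would turn into a huge allocation.  Callers bound it
 * (sysctl_kern_proc_args() checks ps_arg_cache_limit); the assertion
 * catches anything that slips through under INVARIANTS.  The allocation
 * sleeps rather than failing (M_WAITOK).
 */
struct pargs *
pargs_alloc(int len)
{
	struct pargs *pa;

	KASSERT(len >= 0, ("pargs_alloc: negative length %d", len));
	pa = malloc(sizeof(*pa) + len, M_PARGS, M_WAITOK);
	refcount_init(&pa->ar_ref, 1);
	pa->ar_length = len;
	return (pa);
}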
1805
/*
 * Release the storage of a pargs structure.  Only called once the last
 * reference is gone (see pargs_drop()) or when a freshly allocated
 * structure was never published.
 */
static void
pargs_free(struct pargs *pa)
{
	free(pa, M_PARGS);
}
1812
/*
 * Take an additional reference on 'pa'.  A NULL argument is accepted and
 * ignored, so callers may pass p_args without checking it.
 */
void
pargs_hold(struct pargs *pa)
{
	if (pa != NULL)
		refcount_acquire(&pa->ar_ref);
}
1821
/*
 * Drop a reference on 'pa', freeing it when the last one goes away.
 * NULL is accepted and ignored.
 */
void
pargs_drop(struct pargs *pa)
{
	if (pa != NULL && refcount_release(&pa->ar_ref))
		pargs_free(pa);
}
1831
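/*
 * Read up to 'len' bytes of a string at user address 'sptr' in process
 * 'p' into 'buf'.
 *
 * proc_readmem() may return a short read if the string is shorter than
 * the chunk and is aligned at the end of the page, and the following page
 * is not mapped.  Callers (get_ps_strings()) scan the whole chunk with
 * strnlen(), so after a short read the buffer is NUL-terminated at the
 * read boundary: bytes proc_readmem() did not fill are otherwise stale
 * or uninitialised stack content and must never be taken for string
 * data.
 *
 * Returns 0 when at least one byte was read, ENOMEM otherwise.
 */
static int
proc_read_string(struct thread *td, struct proc *p, const char *sptr, char *buf,
    size_t len)
{
	ssize_t n;

	n = proc_readmem(td, p, (vm_offset_t)sptr, buf, len);
	if (n <= 0)
		return (ENOMEM);
	/* Short read: terminate so the unread tail is never scanned. */
	if ((size_t)n < len)
		buf[n] = '\0';
	return (0);
}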
1848
#define PROC_AUXV_MAX 256 /* Safety limit on auxv size. */

/*
 * Which of the three vectors anchored by a process's ps_strings a
 * get_proc_vector() call should fetch.
 */
enum proc_vector_type {
	PROC_ARG,	/* argv: ps_argvstr / ps_nargvstr */
	PROC_ENV,	/* envv: ps_envstr / ps_nenvstr */
	PROC_AUX,	/* ELF auxiliary vector, located just past envv */
};
1856
1857 #ifdef COMPAT_FREEBSD32
/*
 * 32-bit compat variant of get_proc_vector(): read the argv, envv or auxv
 * array of an ILP32 process 'p' via its ps_strings and return it in
 * '*proc_vectorp' with '*vsizep' entries.  For PROC_ARG and PROC_ENV the
 * 32-bit pointers are widened into a freshly allocated char ** array; for
 * PROC_AUX the raw Elf32_Auxinfo array is returned as-is (cast to
 * char **).  The buffer is M_TEMP and is freed by the caller.
 *
 * Everything read here comes from the target process's memory and is
 * treated as untrusted: argv/envv counts are capped at ARG_MAX, the auxv
 * address must be 4-byte aligned and the auxv scan stops after
 * PROC_AUXV_MAX entries unless AT_NULL was seen.  Returns ENOMEM when the
 * memory cannot be read, ENOEXEC when the layout is implausible and
 * EINVAL for an unknown 'type'.
 */
static int
get_proc_vector32(struct thread *td, struct proc *p, char ***proc_vectorp,
    size_t *vsizep, enum proc_vector_type type)
{
	struct freebsd32_ps_strings pss;
	Elf32_Auxinfo aux;
	vm_offset_t vptr, ptr;
	uint32_t *proc_vector32;
	char **proc_vector;
	size_t vsize, size;
	int i, error;

	error = 0;
	if (proc_readmem(td, p, PROC_PS_STRINGS(p), &pss, sizeof(pss)) !=
	    sizeof(pss))
		return (ENOMEM);
	switch (type) {
	case PROC_ARG:
		vptr = (vm_offset_t)PTRIN(pss.ps_argvstr);
		vsize = pss.ps_nargvstr;
		if (vsize > ARG_MAX)
			return (ENOEXEC);
		size = vsize * sizeof(int32_t);
		break;
	case PROC_ENV:
		vptr = (vm_offset_t)PTRIN(pss.ps_envstr);
		vsize = pss.ps_nenvstr;
		if (vsize > ARG_MAX)
			return (ENOEXEC);
		size = vsize * sizeof(int32_t);
		break;
	case PROC_AUX:
		/*
		 * The auxv follows the NULL-terminated envv array.
		 * NOTE(review): unlike PROC_ENV, ps_nenvstr is not
		 * range-checked here; it only forms an address that
		 * proc_readmem() validates, so a bogus value should surface
		 * as ENOMEM/ENOEXEC rather than a bad access — confirm.
		 */
		vptr = (vm_offset_t)PTRIN(pss.ps_envstr) +
		    (pss.ps_nenvstr + 1) * sizeof(int32_t);
		if (vptr % 4 != 0)
			return (ENOEXEC);
		/* First pass: count entries up to and including AT_NULL. */
		for (ptr = vptr, i = 0; i < PROC_AUXV_MAX; i++) {
			if (proc_readmem(td, p, ptr, &aux, sizeof(aux)) !=
			    sizeof(aux))
				return (ENOMEM);
			if (aux.a_type == AT_NULL)
				break;
			ptr += sizeof(aux);
		}
		if (aux.a_type != AT_NULL)
			return (ENOEXEC);
		vsize = i + 1;
		size = vsize * sizeof(aux);
		break;
	default:
		KASSERT(0, ("Wrong proc vector type: %d", type));
		return (EINVAL);
	}
	/* Second pass: read exactly 'size' bytes into a buffer of that size. */
	proc_vector32 = malloc(size, M_TEMP, M_WAITOK);
	if (proc_readmem(td, p, vptr, proc_vector32, size) != size) {
		error = ENOMEM;
		goto done;
	}
	if (type == PROC_AUX) {
		/* Ownership of proc_vector32 passes to the caller. */
		*proc_vectorp = (char **)proc_vector32;
		*vsizep = vsize;
		return (0);
	}
	proc_vector = malloc(vsize * sizeof(char *), M_TEMP, M_WAITOK);
	for (i = 0; i < (int)vsize; i++)
		proc_vector[i] = PTRIN(proc_vector32[i]);
	*proc_vectorp = proc_vector;
	*vsizep = vsize;
done:
	free(proc_vector32, M_TEMP);
	return (error);
}
1930 #endif
1931
/*
 * Read the argv, envv or auxv array of process 'p' as anchored by its
 * ps_strings, returning it in a freshly allocated M_TEMP buffer in
 * '*proc_vectorp' with the entry count in '*vsizep'.  ILP32 processes are
 * delegated to get_proc_vector32().  The caller frees the buffer.
 *
 * All of this data lives in the target process's address space and is
 * validated before use: argv/envv counts are capped at ARG_MAX, the auxv
 * address must be naturally aligned and the auxv scan stops after
 * PROC_AUXV_MAX entries unless AT_NULL was seen.  Returns ENOMEM when the
 * memory cannot be read, ENOEXEC when the layout is implausible and
 * EINVAL for an unknown 'type'.
 */
static int
get_proc_vector(struct thread *td, struct proc *p, char ***proc_vectorp,
    size_t *vsizep, enum proc_vector_type type)
{
	struct ps_strings pss;
	Elf_Auxinfo aux;
	vm_offset_t vptr, ptr;
	char **proc_vector;
	size_t vsize, size;
	int i;

#ifdef COMPAT_FREEBSD32
	if (SV_PROC_FLAG(p, SV_ILP32) != 0)
		return (get_proc_vector32(td, p, proc_vectorp, vsizep, type));
#endif
	if (proc_readmem(td, p, PROC_PS_STRINGS(p), &pss, sizeof(pss)) !=
	    sizeof(pss))
		return (ENOMEM);
	switch (type) {
	case PROC_ARG:
		vptr = (vm_offset_t)pss.ps_argvstr;
		vsize = pss.ps_nargvstr;
		if (vsize > ARG_MAX)
			return (ENOEXEC);
		size = vsize * sizeof(char *);
		break;
	case PROC_ENV:
		vptr = (vm_offset_t)pss.ps_envstr;
		vsize = pss.ps_nenvstr;
		if (vsize > ARG_MAX)
			return (ENOEXEC);
		size = vsize * sizeof(char *);
		break;
	case PROC_AUX:
		/*
		 * The aux array is just above env array on the stack. Check
		 * that the address is naturally aligned.
		 */
		vptr = (vm_offset_t)pss.ps_envstr + (pss.ps_nenvstr + 1)
		    * sizeof(char *);
#if __ELF_WORD_SIZE == 64
		if (vptr % sizeof(uint64_t) != 0)
#else
		if (vptr % sizeof(uint32_t) != 0)
#endif
			return (ENOEXEC);
		/*
		 * We count the array size reading the aux vectors from the
		 * stack until AT_NULL vector is returned. So (to keep the code
		 * simple) we read the process stack twice: the first time here
		 * to find the size and the second time when copying the vectors
		 * to the allocated proc_vector.  The process may change its
		 * auxv between the two passes; the second read is bounded by
		 * 'size' regardless, so that only affects the content.
		 */
		for (ptr = vptr, i = 0; i < PROC_AUXV_MAX; i++) {
			if (proc_readmem(td, p, ptr, &aux, sizeof(aux)) !=
			    sizeof(aux))
				return (ENOMEM);
			if (aux.a_type == AT_NULL)
				break;
			ptr += sizeof(aux);
		}
		/*
		 * If the PROC_AUXV_MAX entries are iterated over, and we have
		 * not reached AT_NULL, it is most likely we are reading wrong
		 * data: either the process doesn't have auxv array or data has
		 * been modified. Return the error in this case.
		 */
		if (aux.a_type != AT_NULL)
			return (ENOEXEC);
		vsize = i + 1;
		size = vsize * sizeof(aux);
		break;
	default:
		KASSERT(0, ("Wrong proc vector type: %d", type));
		return (EINVAL); /* In case we are built without INVARIANTS. */
	}
	proc_vector = malloc(size, M_TEMP, M_WAITOK);
	if (proc_readmem(td, p, vptr, proc_vector, size) != size) {
		free(proc_vector, M_TEMP);
		return (ENOMEM);
	}
	*proc_vectorp = proc_vector;
	*vsizep = vsize;

	return (0);
}
2018
/*
 * Size of one proc_read_string() read in get_ps_strings(); also used as
 * the initial sbuf size by the args/env/auxv sysctl handlers.
 */
#define GET_PS_STRINGS_CHUNK_SZ 256 /* Chunk size (bytes) for ps_strings operations. */
2020
/*
 * Copy the NUL-terminated strings of the argv or envv of process 'p' into
 * 'sb', each followed by a NUL.  The strings are read from the target's
 * memory in GET_PS_STRINGS_CHUNK_SZ pieces and the total output is capped
 * at 2 * (PATH_MAX + ARG_MAX) bytes, so a process that corrupts its own
 * argv cannot make the reader run away.  A NULL pointer in the vector
 * ends the walk early.
 *
 * sbuf_bcat() failures are not checked here; the callers pick them up
 * from sbuf_finish().  Returns 0, or the error from get_proc_vector() or
 * proc_read_string().
 */
static int
get_ps_strings(struct thread *td, struct proc *p, struct sbuf *sb,
    enum proc_vector_type type)
{
	size_t done, len, nchr, vsize;
	int error, i;
	char **proc_vector, *sptr;
	char pss_string[GET_PS_STRINGS_CHUNK_SZ];

	PROC_ASSERT_HELD(p);

	/*
	 * We are not going to read more than 2 * (PATH_MAX + ARG_MAX) bytes.
	 */
	nchr = 2 * (PATH_MAX + ARG_MAX);

	error = get_proc_vector(td, p, &proc_vector, &vsize, type);
	if (error != 0)
		return (error);
	for (done = 0, i = 0; i < (int)vsize && done < nchr; i++) {
		/*
		 * The program may have scribbled into its argv array, e.g. to
		 * remove some arguments. If that has happened, break out
		 * before trying to read from NULL.
		 */
		if (proc_vector[i] == NULL)
			break;
		for (sptr = proc_vector[i]; ; sptr += GET_PS_STRINGS_CHUNK_SZ) {
			error = proc_read_string(td, p, sptr, pss_string,
			    sizeof(pss_string));
			if (error != 0)
				goto done;
			/*
			 * NOTE(review): strnlen() scans the whole chunk even
			 * when proc_read_string() got a short read, so bytes
			 * it did not fill (stale or uninitialised) would be
			 * treated as string data unless proc_read_string()
			 * terminates the buffer — confirm there.
			 */
			len = strnlen(pss_string, GET_PS_STRINGS_CHUNK_SZ);
			/* Clamp the final string to what still fits under nchr. */
			if (done + len >= nchr)
				len = nchr - done - 1;
			sbuf_bcat(sb, pss_string, len);
			/* A full chunk without NUL means the string continues. */
			if (len != GET_PS_STRINGS_CHUNK_SZ)
				break;
			done += GET_PS_STRINGS_CHUNK_SZ;
		}
		sbuf_bcat(sb, "", 1);
		done += len + 1;
	}
done:
	free(proc_vector, M_TEMP);
	return (error);
}
2068
/*
 * Append the argument strings of process 'p' to 'sb'.  The process must
 * be held.  Note that the 'td' parameter is accepted but the read is
 * performed on behalf of curthread.
 */
int
proc_getargv(struct thread *td, struct proc *p, struct sbuf *sb)
{
	return (get_ps_strings(curthread, p, sb, PROC_ARG));
}
2075
/*
 * Append the environment strings of process 'p' to 'sb'.  The process
 * must be held.  Note that the 'td' parameter is accepted but the read is
 * performed on behalf of curthread.
 */
int
proc_getenvv(struct thread *td, struct proc *p, struct sbuf *sb)
{
	return (get_ps_strings(curthread, p, sb, PROC_ENV));
}
2082
/*
 * Append the raw ELF auxiliary vector of process 'p' to 'sb'.  The entry
 * size follows the target's ABI (Elf32_Auxinfo for ILP32 processes under
 * COMPAT_FREEBSD32, Elf_Auxinfo otherwise), matching what
 * get_proc_vector() produced.  Returns 0, ENOMEM when the sbuf rejects
 * the data, or the error from get_proc_vector().
 */
int
proc_getauxv(struct thread *td, struct proc *p, struct sbuf *sb)
{
	size_t vsize, size;
	char **auxv;
	int error;

	error = get_proc_vector(td, p, &auxv, &vsize, PROC_AUX);
	if (error != 0)
		return (error);
#ifdef COMPAT_FREEBSD32
	if (SV_PROC_FLAG(p, SV_ILP32) != 0)
		size = vsize * sizeof(Elf32_Auxinfo);
	else
#endif
		size = vsize * sizeof(Elf_Auxinfo);
	if (sbuf_bcat(sb, auxv, size) != 0)
		error = ENOMEM;
	free(auxv, M_TEMP);
	return (error);
}
2104
/*
 * This sysctl allows a process to retrieve the argument list or process
 * title for another process without groping around in the address space
 * of the other process.  It also allows a process to set its own process
 * title to a string of its own choice.
 *
 * name[0] is the target pid, or -1 for the calling process.  Reading is
 * gated by PGET_CANSEE; for a write, PGET_ISCURRENT is added to the
 * pget() flags and the new title length is bounded by ps_arg_cache_limit.
 * When the target has no cached pargs its argv is read from its memory
 * with proc_getargv(), except for exiting (P_WEXIT) or system (P_SYSTEM)
 * processes, which yield an empty result.
 */
static int
sysctl_kern_proc_args(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct pargs *newpa, *pa;
	struct proc *p;
	struct sbuf sb;
	int flags, error = 0, error2;
	pid_t pid;

	if (namelen != 1)
		return (EINVAL);

	p = curproc;
	pid = (pid_t)name[0];
	if (pid == -1) {
		pid = p->p_pid;
	}

	/*
	 * If the query is for this process and it is single-threaded, there
	 * is nobody to modify pargs, thus we can just read.
	 */
	if (pid == p->p_pid && p->p_numthreads == 1 && req->newptr == NULL &&
	    (pa = p->p_args) != NULL)
		return (SYSCTL_OUT(req, pa->ar_args, pa->ar_length));

	flags = PGET_CANSEE;
	if (req->newptr != NULL)
		flags |= PGET_ISCURRENT;
	/* pget() returns with 'p' locked on success. */
	error = pget(pid, flags, &p);
	if (error)
		return (error);

	pa = p->p_args;
	if (pa != NULL) {
		/* Hold a reference so the lock can be dropped for the copyout. */
		pargs_hold(pa);
		PROC_UNLOCK(p);
		error = SYSCTL_OUT(req, pa->ar_args, pa->ar_length);
		pargs_drop(pa);
	} else if ((p->p_flag & (P_WEXIT | P_SYSTEM)) == 0) {
		_PHOLD(p);
		PROC_UNLOCK(p);
		sbuf_new_for_sysctl(&sb, NULL, GET_PS_STRINGS_CHUNK_SZ, req);
		sbuf_clear_flags(&sb, SBUF_INCLUDENUL);
		error = proc_getargv(curthread, p, &sb);
		error2 = sbuf_finish(&sb);
		PRELE(p);
		sbuf_delete(&sb);
		if (error == 0 && error2 != 0)
			error = error2;
	} else {
		PROC_UNLOCK(p);
	}
	if (error != 0 || req->newptr == NULL)
		return (error);

	/* Write path: bound the new title before allocating for it. */
	if (req->newlen > ps_arg_cache_limit - sizeof(struct pargs))
		return (ENOMEM);

	if (req->newlen == 0) {
		/*
		 * Clear the argument pointer, so that we'll fetch arguments
		 * with proc_getargv() until further notice.
		 */
		newpa = NULL;
	} else {
		/* newlen is size_t; the check above keeps it in pargs_alloc()'s int range. */
		newpa = pargs_alloc(req->newlen);
		error = SYSCTL_IN(req, newpa->ar_args, req->newlen);
		if (error != 0) {
			pargs_free(newpa);
			return (error);
		}
	}
	/* Swap in the new pargs under the lock; drop the old one afterwards. */
	PROC_LOCK(p);
	pa = p->p_args;
	p->p_args = newpa;
	PROC_UNLOCK(p);
	pargs_drop(pa);
	return (0);
}
2193
/*
 * Sysctl handler returning the environment strings of another process.
 * name[0] is the target pid; the target is looked up with PGET_WANTREAD
 * and released with PRELE() before returning.  System processes yield an
 * empty result without error.
 */
static int
sysctl_kern_proc_env(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	struct sbuf sb;
	int error, error2;

	if (namelen != 1)
		return (EINVAL);

	error = pget((pid_t)name[0], PGET_WANTREAD, &p);
	if (error != 0)
		return (error);
	if ((p->p_flag & P_SYSTEM) != 0) {
		PRELE(p);
		return (0);
	}

	sbuf_new_for_sysctl(&sb, NULL, GET_PS_STRINGS_CHUNK_SZ, req);
	sbuf_clear_flags(&sb, SBUF_INCLUDENUL);
	error = proc_getenvv(curthread, p, &sb);
	error2 = sbuf_finish(&sb);
	PRELE(p);
	sbuf_delete(&sb);
	/* The read error wins over an sbuf error. */
	if (error == 0)
		error = error2;
	return (error);
}
2225
/*
 * Sysctl handler returning the ELF auxiliary vector of another process.
 * name[0] is the target pid; the target is looked up with PGET_WANTREAD
 * and released with PRELE() before returning.  System processes yield an
 * empty result without error.
 */
static int
sysctl_kern_proc_auxv(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	struct sbuf sb;
	int error, error2;

	if (namelen != 1)
		return (EINVAL);

	error = pget((pid_t)name[0], PGET_WANTREAD, &p);
	if (error != 0)
		return (error);
	if ((p->p_flag & P_SYSTEM) != 0) {
		PRELE(p);
		return (0);
	}
	sbuf_new_for_sysctl(&sb, NULL, GET_PS_STRINGS_CHUNK_SZ, req);
	sbuf_clear_flags(&sb, SBUF_INCLUDENUL);
	error = proc_getauxv(curthread, p, &sb);
	error2 = sbuf_finish(&sb);
	PRELE(p);
	sbuf_delete(&sb);
	/* The read error wins over an sbuf error. */
	if (error == 0)
		error = error2;
	return (error);
}
2257
/*
 * Look up the canonical executable path running in the specified process.
 * It tries to return the same hardlink name as was used for execve(2).
 * This allows the programs that modify their behavior based on their progname,
 * to operate correctly.
 *
 * Must be called with the process locked; returns with it unlocked on every
 * path, including the early return for a process without a text vnode.
 *
 * Result is returned in retbuf, it must not be freed, similar to vn_fullpath()
 * calling conventions.
 * binname is a pointer to temporary string buffer of length MAXPATHLEN,
 * allocated and freed by caller.  The caller must pass it in NUL-terminated
 * (binname[0] == '\0'): it is only overwritten when p->p_binname is set, and
 * an empty binname is what disables the hardlink lookup below.
 * freebuf should be freed by caller, from the M_TEMP malloc type; it may be
 * left NULL.
 *
 * Returns 0 or the error from vn_fullpath().  A failure of the hardlink
 * lookup or of its re-check is not an error by itself; it only means the
 * fallback vn_fullpath() name is reported instead.
 */
int
proc_get_binpath(struct proc *p, char *binname, char **retbuf,
    char **freebuf)
{
	struct nameidata nd;
	struct vnode *vp, *dvp;
	size_t freepath_size;
	int error;
	bool do_fullpath;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	vp = p->p_textvp;
	if (vp == NULL) {
		PROC_UNLOCK(p);
		*retbuf = "";
		*freebuf = NULL;
		return (0);
	}
	/*
	 * Take our own references on the text vnode and its directory, and
	 * copy the remembered basename, so that the lookups below can run
	 * without the proc lock.
	 */
	vref(vp);
	dvp = p->p_textdvp;
	if (dvp != NULL)
		vref(dvp);
	if (p->p_binname != NULL)
		strlcpy(binname, p->p_binname, MAXPATHLEN);
	PROC_UNLOCK(p);

	do_fullpath = true;
	*freebuf = NULL;
	if (dvp != NULL && binname[0] != '\0') {
		freepath_size = MAXPATHLEN;
		if (vn_fullpath_hardlink(vp, dvp, binname, strlen(binname),
		    retbuf, freebuf, &freepath_size) == 0) {
			/*
			 * Recheck the looked up path. The binary
			 * might have been renamed or replaced, in
			 * which case we should not report old name.
			 *
			 * The lookup runs as curthread (its credentials and,
			 * presumably, its root directory), so the name is
			 * only accepted if it still resolves, for the
			 * caller, to the very vnode the process executes.
			 */
			NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, *retbuf,
			    curthread);
			error = namei(&nd);
			if (error == 0) {
				if (nd.ni_vp == vp)
					do_fullpath = false;
				vrele(nd.ni_vp);
				NDFREE(&nd, NDF_ONLY_PNBUF);
			}
		}
	}
	if (do_fullpath) {
		/*
		 * Fall back to whatever name vn_fullpath() finds, releasing
		 * any buffer the hardlink lookup may already have handed us.
		 */
		free(*freebuf, M_TEMP);
		*freebuf = NULL;
		error = vn_fullpath(vp, retbuf, freebuf);
	}
	vrele(vp);
	if (dvp != NULL)
		vrele(dvp);
	return (error);
}
2329
/*
 * Sysctl handler for kern.proc.pathname: report the executable path of the
 * process named by *pidp, or of the calling process when *pidp is -1.
 *
 * Only PGET_CANSEE is demanded for another process (compare the
 * PGET_CANDEBUG handlers further down).  The actual work is done by
 * proc_get_binpath(), which expects the process locked and returns it
 * unlocked; the NUL-terminated string is copied out including its
 * terminator.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, the
 * proc_get_binpath() error, or the copyout error.
 */
static int
sysctl_kern_proc_pathname(SYSCTL_HANDLER_ARGS)
{
	pid_t *pidp = (pid_t *)arg1;
	unsigned int arglen = arg2;
	struct proc *p;
	char *retbuf, *freebuf, *binname;
	int error;

	if (arglen != 1)
		return (EINVAL);

	/* proc_get_binpath() relies on binname starting out empty. */
	binname = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
	binname[0] = '\0';

	if (*pidp != -1) {
		error = pget(*pidp, PGET_CANSEE, &p);
		if (error != 0) {
			free(binname, M_TEMP);
			return (error);
		}
	} else {
		/* -1 means this process */
		p = req->td->td_proc;
		PROC_LOCK(p);
	}

	error = proc_get_binpath(p, binname, &retbuf, &freebuf);
	free(binname, M_TEMP);
	if (error != 0)
		return (error);

	error = SYSCTL_OUT(req, retbuf, strlen(retbuf) + 1);
	free(freebuf, M_TEMP);
	return (error);
}
2364
/*
 * Sysctl handler for kern.proc.sv_name: report the name of the syscall
 * vector (ABI type) the process named by name[0] runs under.
 *
 * Only PGET_CANSEE is required.  The sv_name pointer is read under the
 * proc lock and used after the unlock without being copied; that is only
 * safe if it points at a static string in the sysentvec, which the code
 * assumes.
 */
static int
sysctl_kern_proc_sv_name(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	char *sv_name;
	int error;

	if (namelen != 1)
		return (EINVAL);

	error = pget((pid_t)name[0], PGET_CANSEE, &p);
	if (error != 0)
		return (error);

	sv_name = p->p_sysent->sv_name;
	PROC_UNLOCK(p);

	return (sysctl_handle_string(oidp, sv_name, 0, req));
}
2386
/*
 * struct kinfo_ovmentry is copied out to userland verbatim by
 * sysctl_kern_proc_ovmmap(), so catch any size drift against the value the
 * header publishes at compile time.
 */
#ifdef KINFO_OVMENTRY_SIZE
CTASSERT(sizeof(struct kinfo_ovmentry) == KINFO_OVMENTRY_SIZE);
#endif
2390
#ifdef COMPAT_FREEBSD7
/*
 * Sysctl handler for kern.proc.ovmmap: the FreeBSD 7 era variant of the vm
 * map dump, emitting one fixed-size struct kinfo_ovmentry per map entry of
 * the process named by name[0].  kern_proc_vmmap_out() below performs the
 * same walk for the current ABI.
 *
 * Access is gated by pget(PGET_WANTREAD), which also supplies the hold
 * released with PRELE() at the end.  Submaps are skipped.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, ESRCH when the
 * process has no vmspace, or the copyout error.
 */
static int
sysctl_kern_proc_ovmmap(SYSCTL_HANDLER_ARGS)
{
	vm_map_entry_t entry, tmp_entry;
	unsigned int last_timestamp, namelen;
	char *fullpath, *freepath;
	struct kinfo_ovmentry *kve;
	struct vattr va;
	struct ucred *cred;
	int error, *name;
	struct vnode *vp;
	struct proc *p;
	vm_map_t map;
	struct vmspace *vm;

	namelen = arg2;
	if (namelen != 1)
		return (EINVAL);

	name = (int *)arg1;
	error = pget((pid_t)name[0], PGET_WANTREAD, &p);
	if (error != 0)
		return (error);
	/* No vmspace (presumably an exiting process): nothing to report. */
	vm = vmspace_acquire_ref(p);
	if (vm == NULL) {
		PRELE(p);
		return (ESRCH);
	}
	kve = malloc(sizeof(*kve), M_TEMP, M_WAITOK);

	map = &vm->vm_map;
	vm_map_lock_read(map);
	VM_MAP_ENTRY_FOREACH(entry, map) {
		vm_object_t obj, tobj, lobj;
		vm_offset_t addr;

		if (entry->eflags & MAP_ENTRY_IS_SUB_MAP)
			continue;

		bzero(kve, sizeof(*kve));
		kve->kve_structsize = sizeof(*kve);

		kve->kve_private_resident = 0;
		obj = entry->object.vm_object;
		if (obj != NULL) {
			/* obj stays read-locked until its counts are read below. */
			VM_OBJECT_RLOCK(obj);
			if (obj->shadow_count == 1)
				kve->kve_private_resident =
				    obj->resident_page_count;
		}
		/* Count the pages of the entry that the pmap currently maps. */
		kve->kve_resident = 0;
		addr = entry->start;
		while (addr < entry->end) {
			if (pmap_extract(map->pmap, addr))
				kve->kve_resident++;
			addr += PAGE_SIZE;
		}

		/*
		 * Walk to the bottom of the backing-object chain,
		 * accumulating the offset.  On exit lobj is the last object
		 * and is the only one, besides obj, still read-locked.
		 */
		for (lobj = tobj = obj; tobj; tobj = tobj->backing_object) {
			if (tobj != obj) {
				VM_OBJECT_RLOCK(tobj);
				kve->kve_offset += tobj->backing_object_offset;
			}
			if (lobj != obj)
				VM_OBJECT_RUNLOCK(lobj);
			lobj = tobj;
		}

		kve->kve_start = (void*)entry->start;
		kve->kve_end = (void*)entry->end;
		kve->kve_offset += (off_t)entry->offset;

		if (entry->protection & VM_PROT_READ)
			kve->kve_protection |= KVME_PROT_READ;
		if (entry->protection & VM_PROT_WRITE)
			kve->kve_protection |= KVME_PROT_WRITE;
		if (entry->protection & VM_PROT_EXECUTE)
			kve->kve_protection |= KVME_PROT_EXEC;

		if (entry->eflags & MAP_ENTRY_COW)
			kve->kve_flags |= KVME_FLAG_COW;
		if (entry->eflags & MAP_ENTRY_NEEDS_COPY)
			kve->kve_flags |= KVME_FLAG_NEEDS_COPY;
		if (entry->eflags & MAP_ENTRY_NOCOREDUMP)
			kve->kve_flags |= KVME_FLAG_NOCOREDUMP;

		/*
		 * Drop the map lock before the path lookup, VOP_GETATTR and
		 * the copyout, all of which may sleep or fault.  The
		 * timestamp lets us detect that the map changed meanwhile.
		 */
		last_timestamp = map->timestamp;
		vm_map_unlock_read(map);

		kve->kve_fileid = 0;
		kve->kve_fsid = 0;
		freepath = NULL;
		fullpath = "";
		if (lobj) {
			kve->kve_type = vm_object_kvme_type(lobj, &vp);
			/* Reported as unknown, presumably as the old ABI predates it. */
			if (kve->kve_type == KVME_TYPE_MGTDEVICE)
				kve->kve_type = KVME_TYPE_UNKNOWN;
			/* Hold the vnode past the object unlock. */
			if (vp != NULL)
				vref(vp);
			if (lobj != obj)
				VM_OBJECT_RUNLOCK(lobj);

			kve->kve_ref_count = obj->ref_count;
			kve->kve_shadow_count = obj->shadow_count;
			VM_OBJECT_RUNLOCK(obj);
			if (vp != NULL) {
				vn_fullpath(vp, &fullpath, &freepath);
				cred = curthread->td_ucred;
				vn_lock(vp, LK_SHARED | LK_RETRY);
				if (VOP_GETATTR(vp, &va, cred) == 0) {
					kve->kve_fileid = va.va_fileid;
					/* truncate */
					kve->kve_fsid = va.va_fsid;
				}
				vput(vp);
			}
		} else {
			kve->kve_type = KVME_TYPE_NONE;
			kve->kve_ref_count = 0;
			kve->kve_shadow_count = 0;
		}

		/* A path longer than kve_path is silently truncated. */
		strlcpy(kve->kve_path, fullpath, sizeof(kve->kve_path));
		if (freepath != NULL)
			free(freepath, M_TEMP);

		error = SYSCTL_OUT(req, kve, sizeof(*kve));
		vm_map_lock_read(map);
		if (error)
			break;
		/*
		 * If the map changed while unlocked, re-find the entry
		 * containing the last page just reported (addr ends at
		 * entry->end, assuming page-aligned entries) so that the
		 * walk resumes from there instead of a stale entry pointer.
		 */
		if (last_timestamp != map->timestamp) {
			vm_map_lookup_entry(map, addr - 1, &tmp_entry);
			entry = tmp_entry;
		}
	}
	vm_map_unlock_read(map);
	vmspace_free(vm);
	PRELE(p);
	free(kve, M_TEMP);
	return (error);
}
#endif /* COMPAT_FREEBSD7 */
2534
/*
 * struct kinfo_vmentry is handed to userland byte for byte by
 * kern_proc_vmmap_out(), so catch any size drift against the value the
 * header publishes at compile time.
 */
#ifdef KINFO_VMENTRY_SIZE
CTASSERT(sizeof(struct kinfo_vmentry) == KINFO_VMENTRY_SIZE);
#endif
2538
/*
 * Count the pages of a map entry that are resident, by walking the
 * backing-object chain rather than the pmap.  The count goes to
 * *resident_count; *super is set when at least one aligned superpage
 * (pagesizes[1]) mapping was confirmed through pmap_mincore().
 *
 * Called from kern_proc_vmmap_out() with the map read-locked and every
 * object of the entry's backing chain read-locked by the caller; this
 * function takes no locks of its own.  When vmmap_skip_res_cnt (a knob
 * defined elsewhere in this file) is set the walk is skipped and 0 is
 * reported, which bounds the cost of the sysctl for huge mappings.
 */
void
kern_proc_vmmap_resident(vm_map_t map, vm_map_entry_t entry,
    int *resident_count, bool *super)
{
	vm_object_t obj, tobj;
	vm_page_t m, m_adv;
	vm_offset_t addr;
	vm_paddr_t pa;
	vm_pindex_t pi, pi_adv, pindex;

	*super = false;
	*resident_count = 0;
	if (vmmap_skip_res_cnt)
		return;

	pa = 0;
	obj = entry->object.vm_object;
	addr = entry->start;
	m_adv = NULL;
	pi = OFF_TO_IDX(entry->offset);
	for (; addr < entry->end; addr += IDX_TO_OFF(pi_adv), pi += pi_adv) {
		if (m_adv != NULL) {
			/* The page found ahead on the previous pass is taken as the one at this index. */
			m = m_adv;
		} else {
			/*
			 * Look for the page at pindex in obj or, failing
			 * that, down the backing chain.  While searching,
			 * remember the nearest page past pindex (m_adv) so
			 * that a hole can be skipped in one step.  If no
			 * page at or past pindex exists anywhere, pi_adv
			 * still covers the rest of the entry and the loop
			 * ends.
			 */
			pi_adv = atop(entry->end - addr);
			pindex = pi;
			for (tobj = obj;; tobj = tobj->backing_object) {
				m = vm_page_find_least(tobj, pindex);
				if (m != NULL) {
					if (m->pindex == pindex)
						break;
					if (pi_adv > m->pindex - pindex) {
						pi_adv = m->pindex - pindex;
						m_adv = m;
					}
				}
				if (tobj->backing_object == NULL)
					goto next;
				pindex += OFF_TO_IDX(tobj->
				    backing_object_offset);
			}
		}
		m_adv = NULL;
		/*
		 * An aligned superpage that fits within the entry and that
		 * the pmap really maps as such counts as pagesizes[1] worth
		 * of small pages at once.
		 */
		if (m->psind != 0 && addr + pagesizes[1] <= entry->end &&
		    (addr & (pagesizes[1] - 1)) == 0 &&
		    (pmap_mincore(map->pmap, addr, &pa) & MINCORE_SUPER) != 0) {
			*super = true;
			pi_adv = atop(pagesizes[1]);
		} else {
			/*
			 * We do not test the found page on validity.
			 * Either the page is busy and being paged in,
			 * or it was invalidated. The first case
			 * should be counted as resident, the second
			 * is not so clear; we do account both.
			 */
			pi_adv = 1;
		}
		*resident_count += pi_adv;
next:;
	}
}
2601
/*
 * Emit one struct kinfo_vmentry per vm map entry of p into sb.
 *
 * Must be called with the process locked and will return unlocked.  The
 * caller is responsible for the access check (e.g. pget(PGET_CANDEBUG) in
 * sysctl_kern_proc_vmmap()); this function only takes a hold and a vmspace
 * reference.  Submaps are skipped.
 *
 * maxlen is the number of output bytes still allowed, or -1 for no limit;
 * the walk stops early, with error 0, rather than emit a record that would
 * exceed it.  With KERN_VMMAP_PACK_KINFO in flags each record is shrunk to
 * the used part of kve_path (rounded up to 8 bytes), otherwise the whole
 * struct is emitted; kve_structsize tells the reader which.
 *
 * Returns 0, ESRCH when the process has no vmspace, or ENOMEM when sb
 * refuses the data.
 */
int
kern_proc_vmmap_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, int flags)
{
	vm_map_entry_t entry, tmp_entry;
	struct vattr va;
	vm_map_t map;
	vm_object_t lobj, nobj, obj, tobj;
	char *fullpath, *freepath;
	struct kinfo_vmentry *kve;
	struct ucred *cred;
	struct vnode *vp;
	struct vmspace *vm;
	vm_offset_t addr;
	unsigned int last_timestamp;
	int error;
	bool guard, super;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	/* Hold p across the walk, then release the lock as promised. */
	_PHOLD(p);
	PROC_UNLOCK(p);
	vm = vmspace_acquire_ref(p);
	if (vm == NULL) {
		PRELE(p);
		return (ESRCH);
	}
	kve = malloc(sizeof(*kve), M_TEMP, M_WAITOK | M_ZERO);

	error = 0;
	map = &vm->vm_map;
	vm_map_lock_read(map);
	VM_MAP_ENTRY_FOREACH(entry, map) {
		if (entry->eflags & MAP_ENTRY_IS_SUB_MAP)
			continue;

		/* Remembered for the timestamp recovery at the loop end. */
		addr = entry->end;
		bzero(kve, sizeof(*kve));
		obj = entry->object.vm_object;
		if (obj != NULL) {
			/*
			 * NOTE(review): for anonymous objects the raw kernel
			 * address of the vm_object is exposed to userland
			 * (presumably so consumers can match shared
			 * anonymous memory across processes).  This is a
			 * kernel-pointer disclosure to anyone who passes the
			 * caller's access check on the target, which
			 * includes a process inspecting itself.
			 */
			if ((obj->flags & OBJ_ANON) != 0)
				kve->kve_obj = (uintptr_t)obj;

			/*
			 * Read-lock every object of the backing chain,
			 * accumulating the offset; lobj ends up as the
			 * bottom object.  kern_proc_vmmap_resident()
			 * expects the whole chain locked.
			 */
			for (tobj = obj; tobj != NULL;
			    tobj = tobj->backing_object) {
				VM_OBJECT_RLOCK(tobj);
				kve->kve_offset += tobj->backing_object_offset;
				lobj = tobj;
			}
			/* No backing object: presumably all resident pages are private to this mapping. */
			if (obj->backing_object == NULL)
				kve->kve_private_resident =
				    obj->resident_page_count;
			kern_proc_vmmap_resident(map, entry,
			    &kve->kve_resident, &super);
			if (super)
				kve->kve_flags |= KVME_FLAG_SUPER;
			/*
			 * Unlock the intermediate objects; obj and lobj stay
			 * locked until their fields are read below.
			 */
			for (tobj = obj; tobj != NULL; tobj = nobj) {
				nobj = tobj->backing_object;
				if (tobj != obj && tobj != lobj)
					VM_OBJECT_RUNLOCK(tobj);
			}
		} else {
			lobj = NULL;
		}

		kve->kve_start = entry->start;
		kve->kve_end = entry->end;
		kve->kve_offset += entry->offset;

		if (entry->protection & VM_PROT_READ)
			kve->kve_protection |= KVME_PROT_READ;
		if (entry->protection & VM_PROT_WRITE)
			kve->kve_protection |= KVME_PROT_WRITE;
		if (entry->protection & VM_PROT_EXECUTE)
			kve->kve_protection |= KVME_PROT_EXEC;

		if (entry->eflags & MAP_ENTRY_COW)
			kve->kve_flags |= KVME_FLAG_COW;
		if (entry->eflags & MAP_ENTRY_NEEDS_COPY)
			kve->kve_flags |= KVME_FLAG_NEEDS_COPY;
		if (entry->eflags & MAP_ENTRY_NOCOREDUMP)
			kve->kve_flags |= KVME_FLAG_NOCOREDUMP;
		if (entry->eflags & MAP_ENTRY_GROWS_UP)
			kve->kve_flags |= KVME_FLAG_GROWS_UP;
		if (entry->eflags & MAP_ENTRY_GROWS_DOWN)
			kve->kve_flags |= KVME_FLAG_GROWS_DOWN;
		if (entry->eflags & MAP_ENTRY_USER_WIRED)
			kve->kve_flags |= KVME_FLAG_USER_WIRED;

		/* Sampled while the map is still locked; used once it is not. */
		guard = (entry->eflags & MAP_ENTRY_GUARD) != 0;

		/*
		 * Drop the map lock before the path lookup, VOP_GETATTR and
		 * the sbuf append, which may sleep.  The timestamp lets us
		 * detect that the map changed meanwhile.
		 */
		last_timestamp = map->timestamp;
		vm_map_unlock_read(map);

		freepath = NULL;
		fullpath = "";
		if (lobj != NULL) {
			kve->kve_type = vm_object_kvme_type(lobj, &vp);
			/* Hold the vnode past the object unlock. */
			if (vp != NULL)
				vref(vp);
			if (lobj != obj)
				VM_OBJECT_RUNLOCK(lobj);

			kve->kve_ref_count = obj->ref_count;
			kve->kve_shadow_count = obj->shadow_count;
			VM_OBJECT_RUNLOCK(obj);
			if (vp != NULL) {
				vn_fullpath(vp, &fullpath, &freepath);
				kve->kve_vn_type = vntype_to_kinfo(vp->v_type);
				cred = curthread->td_ucred;
				vn_lock(vp, LK_SHARED | LK_RETRY);
				if (VOP_GETATTR(vp, &va, cred) == 0) {
					kve->kve_vn_fileid = va.va_fileid;
					kve->kve_vn_fsid = va.va_fsid;
					kve->kve_vn_fsid_freebsd11 =
					    kve->kve_vn_fsid; /* truncate */
					kve->kve_vn_mode =
					    MAKEIMODE(va.va_type, va.va_mode);
					kve->kve_vn_size = va.va_size;
					kve->kve_vn_rdev = va.va_rdev;
					kve->kve_vn_rdev_freebsd11 =
					    kve->kve_vn_rdev; /* truncate */
					/* Marks the kve_vn_* fields as meaningful for the reader. */
					kve->kve_status = KF_ATTR_VALID;
				}
				vput(vp);
			}
		} else {
			kve->kve_type = guard ? KVME_TYPE_GUARD :
			    KVME_TYPE_NONE;
			kve->kve_ref_count = 0;
			kve->kve_shadow_count = 0;
		}

		/* A path longer than kve_path is silently truncated. */
		strlcpy(kve->kve_path, fullpath, sizeof(kve->kve_path));
		if (freepath != NULL)
			free(freepath, M_TEMP);

		/* Pack record size down */
		if ((flags & KERN_VMMAP_PACK_KINFO) != 0)
			kve->kve_structsize =
			    offsetof(struct kinfo_vmentry, kve_path) +
			    strlen(kve->kve_path) + 1;
		else
			kve->kve_structsize = sizeof(*kve);
		kve->kve_structsize = roundup(kve->kve_structsize,
		    sizeof(uint64_t));

		/* Halt filling and truncate rather than exceeding maxlen */
		if (maxlen != -1 && maxlen < kve->kve_structsize) {
			error = 0;
			/* Re-taken so the unlock after the loop stays balanced. */
			vm_map_lock_read(map);
			break;
		} else if (maxlen != -1)
			maxlen -= kve->kve_structsize;

		if (sbuf_bcat(sb, kve, kve->kve_structsize) != 0)
			error = ENOMEM;
		vm_map_lock_read(map);
		if (error != 0)
			break;
		/*
		 * If the map changed while unlocked, re-find the entry
		 * containing the last page just reported so that the walk
		 * resumes from there instead of a stale entry pointer.
		 */
		if (last_timestamp != map->timestamp) {
			vm_map_lookup_entry(map, addr - 1, &tmp_entry);
			entry = tmp_entry;
		}
	}
	vm_map_unlock_read(map);
	vmspace_free(vm);
	PRELE(p);
	free(kve, M_TEMP);
	return (error);
}
2775
/*
 * Sysctl handler for kern.proc.vmmap: dump the vm map entries of the
 * process named by name[0] as packed struct kinfo_vmentry records, using
 * kern_proc_vmmap_out() for the walk.
 *
 * Requires debug rights over the target (PGET_CANDEBUG) and refuses a
 * process that is exiting (PGET_NOTWEXIT).  pget() returns the process
 * locked; kern_proc_vmmap_out() unlocks it.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, the
 * kern_proc_vmmap_out() error or, failing that, the sbuf_finish() error.
 */
static int
sysctl_kern_proc_vmmap(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	struct sbuf sb;
	int error, ferror;

	if (namelen != 1)
		return (EINVAL);

	/*
	 * The sbuf drains straight into the request.  It is set up before
	 * the lookup, so it has to be torn down on every exit path.
	 */
	sbuf_new_for_sysctl(&sb, NULL, sizeof(struct kinfo_vmentry), req);
	sbuf_clear_flags(&sb, SBUF_INCLUDENUL);
	error = pget((pid_t)name[0], PGET_CANDEBUG | PGET_NOTWEXIT, &p);
	if (error == 0) {
		error = kern_proc_vmmap_out(p, &sb, -1, KERN_VMMAP_PACK_KINFO);
		ferror = sbuf_finish(&sb);
		if (error == 0)
			error = ferror;
	}
	sbuf_delete(&sb);
	return (error);
}
2801
#if defined(STACK) || defined(DDB)
/*
 * Sysctl handler for kern.proc.kstack: capture the kernel stack trace of
 * every thread of the process named by name[0], one struct kinfo_kstack per
 * thread.
 *
 * The traces reveal kernel text locations (whatever stack_sbuf_print()
 * formats into kkst_trace), so access is gated by pget(PGET_WANTREAD), and
 * a process in the middle of exec is refused (PGET_NOTINEXEC).  Threads
 * that disappear between the tid snapshot and the walk are skipped;
 * running threads are reported as KKST_STATE_RUNNING without a trace.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, or the
 * copyout error.
 */
static int
sysctl_kern_proc_kstack(SYSCTL_HANDLER_ARGS)
{
	struct kinfo_kstack *kkstp;
	int error, i, *name, numthreads;
	lwpid_t *lwpidarray;
	struct thread *td;
	struct stack *st;
	struct sbuf sb;
	struct proc *p;
	u_int namelen;

	namelen = arg2;
	if (namelen != 1)
		return (EINVAL);

	name = (int *)arg1;
	error = pget((pid_t)name[0], PGET_NOTINEXEC | PGET_WANTREAD, &p);
	if (error != 0)
		return (error);

	kkstp = malloc(sizeof(*kkstp), M_TEMP, M_WAITOK);
	st = stack_create(M_WAITOK);

	/*
	 * Size the tid array under the proc lock, allocate without it, and
	 * retry if threads were created in the meantime.
	 */
	lwpidarray = NULL;
	PROC_LOCK(p);
	do {
		if (lwpidarray != NULL) {
			free(lwpidarray, M_TEMP);
			lwpidarray = NULL;
		}
		numthreads = p->p_numthreads;
		PROC_UNLOCK(p);
		lwpidarray = malloc(sizeof(*lwpidarray) * numthreads, M_TEMP,
		    M_WAITOK | M_ZERO);
		PROC_LOCK(p);
	} while (numthreads < p->p_numthreads);

	/*
	 * XXXRW: During the below loop, execve(2) and countless other sorts
	 * of changes could have taken place.  Should we check to see if the
	 * vmspace has been replaced, or the like, in order to prevent
	 * giving a snapshot that spans, say, execve(2), with some threads
	 * before and some after?  Among other things, the credentials could
	 * have changed, in which case the right to extract debug info might
	 * no longer be assured.
	 */
	/* Snapshot the tids; the threads themselves are looked up again below. */
	i = 0;
	FOREACH_THREAD_IN_PROC(p, td) {
		KASSERT(i < numthreads,
		    ("sysctl_kern_proc_kstack: numthreads"));
		lwpidarray[i] = td->td_tid;
		i++;
	}
	PROC_UNLOCK(p);
	numthreads = i;
	for (i = 0; i < numthreads; i++) {
		/* tdfind() returns with the proc lock held; NULL means the thread is gone. */
		td = tdfind(lwpidarray[i], p->p_pid);
		if (td == NULL) {
			continue;
		}
		bzero(kkstp, sizeof(*kkstp));
		/* Format into the fixed-size kkst_trace; overflow is truncated. */
		(void)sbuf_new(&sb, kkstp->kkst_trace,
		    sizeof(kkstp->kkst_trace), SBUF_FIXEDLEN);
		thread_lock(td);
		kkstp->kkst_tid = td->td_tid;
		if (TD_IS_SWAPPED(td))
			kkstp->kkst_state = KKST_STATE_SWAPPED;
		else if (stack_save_td(st, td) == 0)
			kkstp->kkst_state = KKST_STATE_STACKOK;
		else
			kkstp->kkst_state = KKST_STATE_RUNNING;
		thread_unlock(td);
		PROC_UNLOCK(p);
		stack_sbuf_print(&sb, st);
		/* NOTE(review): the sbuf_finish() result is ignored, so a truncated trace is still reported as STACKOK. */
		sbuf_finish(&sb);
		sbuf_delete(&sb);
		error = SYSCTL_OUT(req, kkstp, sizeof(*kkstp));
		if (error)
			break;
	}
	PRELE(p);
	if (lwpidarray != NULL)
		free(lwpidarray, M_TEMP);
	stack_destroy(st);
	free(kkstp, M_TEMP);
	return (error);
}
#endif
2892
/*
 * Sysctl handler for kern.proc.groups: copy out the full supplementary
 * group list (cr_groups, cr_ngroups entries) of the process named by
 * *pidp, or of the calling process when *pidp is -1.
 *
 * Only PGET_CANSEE is required for another process.  The credential is
 * referenced under the proc lock and the copyout reads from that held
 * reference rather than from p->p_ucred, which may be replaced once the
 * lock is dropped.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, or the copyout
 * error.
 */
static int
sysctl_kern_proc_groups(SYSCTL_HANDLER_ARGS)
{
	pid_t *pidp = (pid_t *)arg1;
	unsigned int arglen = arg2;
	struct proc *p;
	struct ucred *cred;
	int error;

	if (arglen != 1)
		return (EINVAL);

	if (*pidp != -1) {
		error = pget(*pidp, PGET_CANSEE, &p);
		if (error != 0)
			return (error);
	} else {
		/* -1 means this process */
		p = req->td->td_proc;
		PROC_LOCK(p);
	}

	/* Pin the credential so it outlives the proc lock. */
	cred = crhold(p->p_ucred);
	PROC_UNLOCK(p);

	error = SYSCTL_OUT(req, cred->cr_groups,
	    cred->cr_ngroups * sizeof(gid_t));
	crfree(cred);
	return (error);
}
2925
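/*
 * Sysctl handler for kern.proc.rlimit: retrieve and/or set one resource
 * limit of the process named by name[0]; name[1] selects the limit.
 *
 * Reading only needs PGET_CANSEE; a request that carries new data must
 * pass PGET_CANDEBUG on the target, and the actual change goes through
 * kern_proc_setrlimit(), which applies its own checks.  The limit is
 * always copied out (the old value) before the new one is applied, so a
 * caller that both reads and writes sees the previous value.
 *
 * rlim is zeroed before use: when the caller only asks for the size
 * (oldptr == NULL) nothing is fetched, yet SYSCTL_OUT is still invoked,
 * presumably so that a size-only query is answered.  Zeroing removes any
 * dependence on the output routine skipping the copy in that case, so no
 * uninitialized kernel stack bytes can ever reach userland from here.
 *
 * Returns 0, EINVAL for a malformed name, limit index or new length, the
 * pget() error, the copy error, or the kern_proc_setrlimit() error.
 */
static int
sysctl_kern_proc_rlimit(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct rlimit rlim;
	struct proc *p;
	u_int which;
	int flags, error;

	if (namelen != 2)
		return (EINVAL);

	/* The unsigned compare rejects a negative index as well. */
	which = (u_int)name[1];
	if (which >= RLIM_NLIMITS)
		return (EINVAL);

	if (req->newptr != NULL && req->newlen != sizeof(rlim))
		return (EINVAL);

	/* Writing demands debug rights over the target; reading, visibility. */
	flags = PGET_HOLD | PGET_NOTWEXIT;
	if (req->newptr != NULL)
		flags |= PGET_CANDEBUG;
	else
		flags |= PGET_CANSEE;
	error = pget((pid_t)name[0], flags, &p);
	if (error != 0)
		return (error);

	/*
	 * Retrieve limit.
	 */
	bzero(&rlim, sizeof(rlim));
	if (req->oldptr != NULL) {
		PROC_LOCK(p);
		lim_rlimit_proc(p, which, &rlim);
		PROC_UNLOCK(p);
	}
	error = SYSCTL_OUT(req, &rlim, sizeof(rlim));
	if (error != 0)
		goto errout;

	/*
	 * Set limit.
	 */
	if (req->newptr != NULL) {
		error = SYSCTL_IN(req, &rlim, sizeof(rlim));
		if (error == 0)
			error = kern_proc_setrlimit(curthread, p, which, &rlim);
	}

errout:
	PRELE(p);
	return (error);
}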
2984
/*
 * Sysctl handler for kern.proc.ps_strings: report the user address of the
 * ps_strings structure of the process named by name[0].
 *
 * Requires debug rights over the target (PGET_CANDEBUG); pget() returns
 * the process locked and it is unlocked as soon as the value has been
 * read.  A 32-bit requester (SCTL_MASK32) receives a truncated 32-bit
 * pointer, or 0 when the target is not itself a 32-bit process.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, or the copyout
 * error.
 */
static int
sysctl_kern_proc_ps_strings(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	vm_offset_t ps_strings;
	int error;
#ifdef COMPAT_FREEBSD32
	uint32_t ps_strings32;
#endif

	if (namelen != 1)
		return (EINVAL);

	error = pget((pid_t)name[0], PGET_CANDEBUG, &p);
	if (error != 0)
		return (error);

#ifdef COMPAT_FREEBSD32
	if ((req->flags & SCTL_MASK32) != 0) {
		/*
		 * We return 0 if the 32 bit emulation request is for a 64 bit
		 * process.
		 */
		if (SV_PROC_FLAG(p, SV_ILP32) != 0)
			ps_strings32 = PTROUT(PROC_PS_STRINGS(p));
		else
			ps_strings32 = 0;
		PROC_UNLOCK(p);
		return (SYSCTL_OUT(req, &ps_strings32, sizeof(ps_strings32)));
	}
#endif
	ps_strings = PROC_PS_STRINGS(p);
	PROC_UNLOCK(p);
	return (SYSCTL_OUT(req, &ps_strings, sizeof(ps_strings)));
}
3025
/*
 * Sysctl handler for kern.proc.umask: report the file creation mask of the
 * process named by name[0].  A pid of 0 or the caller's own pid selects
 * the calling process, which needs no hold and no access check; any other
 * process goes through pget(PGET_WANTREAD).
 *
 * pd_cmask is read without taking the pwddesc lock, so a concurrent
 * umask(2) in the target may or may not be observed.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, or the copyout
 * error.
 */
static int
sysctl_kern_proc_umask(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	u_short cmask;
	pid_t pid;
	int error;

	if (namelen != 1)
		return (EINVAL);

	pid = (pid_t)name[0];
	if (pid != 0 && pid != curproc->p_pid) {
		error = pget(pid, PGET_WANTREAD, &p);
		if (error != 0)
			return (error);
		cmask = p->p_pd->pd_cmask;
		PRELE(p);
	} else {
		cmask = curproc->p_pd->pd_cmask;
	}
	return (SYSCTL_OUT(req, &cmask, sizeof(cmask)));
}
3059
/*
 * Sysctl handler for kern.proc.osrel: report and optionally replace the
 * binary osreldate recorded for the process named by name[0].
 *
 * Reading only needs PGET_CANSEE; a request that carries new data must
 * pass PGET_CANDEBUG on the target.  The old value is always copied out
 * before a new one is stored, and a negative new value is rejected with
 * EINVAL.  p_osrel is read and written as a plain int under the hold
 * only, without the proc lock.
 *
 * Returns 0, EINVAL for a malformed name, new length or value, the pget()
 * error, or the copy error.
 */
static int
sysctl_kern_proc_osrel(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	int flags, error, osrel;

	if (namelen != 1)
		return (EINVAL);
	if (req->newptr != NULL && req->newlen != sizeof(osrel))
		return (EINVAL);

	/* Writing demands debug rights over the target; reading, visibility. */
	flags = PGET_HOLD | PGET_NOTWEXIT |
	    (req->newptr != NULL ? PGET_CANDEBUG : PGET_CANSEE);
	error = pget((pid_t)name[0], flags, &p);
	if (error != 0)
		return (error);

	error = SYSCTL_OUT(req, &p->p_osrel, sizeof(p->p_osrel));
	if (error == 0 && req->newptr != NULL) {
		error = SYSCTL_IN(req, &osrel, sizeof(osrel));
		if (error == 0) {
			if (osrel < 0)
				error = EINVAL;
			else
				p->p_osrel = osrel;
		}
	}
	PRELE(p);
	return (error);
}
3105
/*
 * Compute the [start, end) range of the signal trampoline of process p
 * under syscall vector sv, as raw addresses.
 *
 * When the vector publishes a trampoline base (sv_sigcode_base != 0) the
 * size is either the integer *sv_szsigcode or, for SV_DSO_SIG vectors,
 * the value stored in the sv_szsigcode pointer itself.  Otherwise the
 * trampoline is the *sv_szsigcode bytes immediately below ps_strings.
 */
static void
sigtramp_bounds(struct proc *p, const struct sysentvec *sv,
    uintptr_t *start, uintptr_t *end)
{
	uintptr_t len;

	if (sv->sv_sigcode_base != 0) {
		len = (sv->sv_flags & SV_DSO_SIG) == 0 ?
		    *sv->sv_szsigcode : (uintptr_t)sv->sv_szsigcode;
		*start = sv->sv_sigcode_base;
		*end = sv->sv_sigcode_base + len;
	} else {
		*end = PROC_PS_STRINGS(p);
		*start = *end - *sv->sv_szsigcode;
	}
}

/*
 * Sysctl handler for kern.proc.sigtramp: report where the signal
 * trampoline of the process named by name[0] lives (presumably for
 * debuggers and unwinders).  Requires debug rights over the target
 * (PGET_CANDEBUG); pget() returns the process locked and it is unlocked
 * once the bounds have been computed.
 *
 * A 32-bit requester (SCTL_MASK32) receives a struct kinfo_sigtramp32
 * with truncated addresses, all zeroes when the target is not itself a
 * 32-bit process.
 *
 * Returns 0, EINVAL for a malformed name, the pget() error, or the copyout
 * error.
 */
static int
sysctl_kern_proc_sigtramp(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	struct proc *p;
	struct kinfo_sigtramp kst;
	const struct sysentvec *sv;
	uintptr_t start, end;
	int error;
#ifdef COMPAT_FREEBSD32
	struct kinfo_sigtramp32 kst32;
#endif

	if (namelen != 1)
		return (EINVAL);

	error = pget((pid_t)name[0], PGET_CANDEBUG, &p);
	if (error != 0)
		return (error);
	sv = p->p_sysent;
#ifdef COMPAT_FREEBSD32
	if ((req->flags & SCTL_MASK32) != 0) {
		bzero(&kst32, sizeof(kst32));
		if (SV_PROC_FLAG(p, SV_ILP32)) {
			sigtramp_bounds(p, sv, &start, &end);
			kst32.ksigtramp_start = start;
			kst32.ksigtramp_end = end;
		}
		PROC_UNLOCK(p);
		return (SYSCTL_OUT(req, &kst32, sizeof(kst32)));
	}
#endif
	bzero(&kst, sizeof(kst));
	sigtramp_bounds(p, sv, &start, &end);
	kst.ksigtramp_start = (char *)start;
	kst.ksigtramp_end = (char *)end;
	PROC_UNLOCK(p);
	return (SYSCTL_OUT(req, &kst, sizeof(kst)));
}
3162
/*
 * Sysctl handler for kern.proc.sigfastblk: report the user address a thread
 * has registered for fast signal blocking (td_sigblock_ptr, presumably set
 * up through sigfastblock(2)).
 *
 * name[0] is either a pid (<= PID_MAX), selecting the first thread of the
 * process, or a tid, selecting that thread.  The node is read-only: a
 * request carrying new data is rejected with EINVAL.  Requires debug
 * rights over the target (PGET_CANDEBUG).
 *
 * Returns 0, EINVAL for a malformed name, a write attempt, or a 32-bit
 * caller asking about a 64-bit target, the pget() error, ESRCH when the
 * tid is not found in the process, or ENOTTY when the thread has no fast
 * block registered (TDP_SIGFASTBLOCK clear).
 */
static int
sysctl_kern_proc_sigfastblk(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	u_int namelen = arg2;
	pid_t pid;
	struct proc *p;
	struct thread *td1;
	uintptr_t addr;
#ifdef COMPAT_FREEBSD32
	uint32_t addr32;
#endif
	int error;

	if (namelen != 1 || req->newptr != NULL)
		return (EINVAL);

	/* The tid case below assumes pget() resolves a tid to its process. */
	pid = (pid_t)name[0];
	error = pget(pid, PGET_HOLD | PGET_NOTWEXIT | PGET_CANDEBUG, &p);
	if (error != 0)
		return (error);

	PROC_LOCK(p);
#ifdef COMPAT_FREEBSD32
	/*
	 * NOTE(review): keyed off the caller's ABI rather than
	 * req->flags & SCTL_MASK32 as the ps_strings and sigtramp handlers
	 * are; presumably equivalent for requests from userland, confirm
	 * for in-kernel callers.
	 */
	if (SV_CURPROC_FLAG(SV_ILP32)) {
		if (!SV_PROC_FLAG(p, SV_ILP32)) {
			error = EINVAL;
			goto errlocked;
		}
	}
#endif
	if (pid <= PID_MAX) {
		td1 = FIRST_THREAD_IN_PROC(p);
	} else {
		/* td1 is left NULL when no thread of p carries this tid. */
		FOREACH_THREAD_IN_PROC(p, td1) {
			if (td1->td_tid == pid)
				break;
		}
	}
	if (td1 == NULL) {
		error = ESRCH;
		goto errlocked;
	}
	/*
	 * The access to the private thread flags. It is fine as far
	 * as no out-of-thin-air values are read from td_pflags, and
	 * usermode read of the td_sigblock_ptr is racy inherently,
	 * since target process might have already changed it
	 * meantime.
	 */
	if ((td1->td_pflags & TDP_SIGFASTBLOCK) != 0)
		addr = (uintptr_t)td1->td_sigblock_ptr;
	else
		error = ENOTTY;

errlocked:
	/* Drop the hold while still locked (the _ variant expects that), then unlock. */
	_PRELE(p);
	PROC_UNLOCK(p);
	/* addr is only defined when error == 0. */
	if (error != 0)
		return (error);

#ifdef COMPAT_FREEBSD32
	if (SV_CURPROC_FLAG(SV_ILP32)) {
		addr32 = addr;
		error = SYSCTL_OUT(req, &addr32, sizeof(addr32));
	} else
#endif
	error = SYSCTL_OUT(req, &addr, sizeof(addr));
	return (error);
}
3233
/*
 * The kern.proc sysctl tree.
 *
 * Access control for the per-process nodes is NOT expressed by the
 * CTLFLAG_* bits below: each handler resolves its target through pget()
 * with a PGET_CANSEE / PGET_CANDEBUG / PGET_WANTREAD flag and the check on
 * the target happens there.  CTLFLAG_ANYBODY only lifts the root-only
 * default for reaching a handler's write path; the handlers that accept a
 * write (rlimit, osrel) switch to PGET_CANDEBUG when req->newptr != NULL,
 * sigfastblk rejects writes outright, and the write check of the args
 * handler is above this section of the file.
 */
SYSCTL_NODE(_kern, KERN_PROC, proc, CTLFLAG_RD | CTLFLAG_MPSAFE, 0,
    "Process table");

SYSCTL_PROC(_kern_proc, KERN_PROC_ALL, all, CTLFLAG_RD|CTLTYPE_STRUCT|
    CTLFLAG_MPSAFE, 0, 0, sysctl_kern_proc, "S,proc",
    "Return entire process table");

/* Process-table selectors by gid, pgrp, rgid, session, tty, uid, ruid, pid. */
static SYSCTL_NODE(_kern_proc, KERN_PROC_GID, gid, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_PGRP, pgrp, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_RGID, rgid, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_SESSION, sid, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_TTY, tty, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_UID, uid, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_RUID, ruid, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_PID, pid, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, KERN_PROC_PROC, proc, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc, "Return process table, no threads");

/*
 * Read-write and reachable by anybody; CTLFLAG_CAPWR presumably also
 * permits the write from capability mode.  The handler's own checks gate
 * who may set another process's arguments.
 */
static SYSCTL_NODE(_kern_proc, KERN_PROC_ARGS, args,
    CTLFLAG_RW | CTLFLAG_CAPWR | CTLFLAG_ANYBODY | CTLFLAG_MPSAFE,
    sysctl_kern_proc_args, "Process argument list");

/* Per-process read-only views; each handler applies its own pget() check. */
static SYSCTL_NODE(_kern_proc, KERN_PROC_ENV, env, CTLFLAG_RD | CTLFLAG_MPSAFE,
    sysctl_kern_proc_env, "Process environment");

static SYSCTL_NODE(_kern_proc, KERN_PROC_AUXV, auxv, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_auxv, "Process ELF auxiliary vector");

static SYSCTL_NODE(_kern_proc, KERN_PROC_PATHNAME, pathname, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_pathname, "Process executable path");

static SYSCTL_NODE(_kern_proc, KERN_PROC_SV_NAME, sv_name, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_sv_name,
    "Process syscall vector name (ABI type)");

/* The same selectors with KERN_PROC_INC_THREAD: one entry per thread. */
static SYSCTL_NODE(_kern_proc, (KERN_PROC_GID | KERN_PROC_INC_THREAD), gid_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_PGRP | KERN_PROC_INC_THREAD), pgrp_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_RGID | KERN_PROC_INC_THREAD), rgid_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_SESSION | KERN_PROC_INC_THREAD),
    sid_td, CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_TTY | KERN_PROC_INC_THREAD), tty_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_UID | KERN_PROC_INC_THREAD), uid_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_RUID | KERN_PROC_INC_THREAD), ruid_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_PID | KERN_PROC_INC_THREAD), pid_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc, "Process table");

static SYSCTL_NODE(_kern_proc, (KERN_PROC_PROC | KERN_PROC_INC_THREAD), proc_td,
    CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_kern_proc,
    "Return process table, including threads");

/* Legacy FreeBSD 7 vm map format, only built with COMPAT_FREEBSD7. */
#ifdef COMPAT_FREEBSD7
static SYSCTL_NODE(_kern_proc, KERN_PROC_OVMMAP, ovmmap, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_ovmmap, "Old Process vm map entries");
#endif

static SYSCTL_NODE(_kern_proc, KERN_PROC_VMMAP, vmmap, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_vmmap, "Process vm map entries");

/* Kernel stack traces need the stack(9) machinery, so STACK or DDB. */
#if defined(STACK) || defined(DDB)
static SYSCTL_NODE(_kern_proc, KERN_PROC_KSTACK, kstack, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_kstack, "Process kernel stacks");
#endif

static SYSCTL_NODE(_kern_proc, KERN_PROC_GROUPS, groups, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_groups, "Process groups");

/* Writable by anybody at the sysctl layer; the handler demands PGET_CANDEBUG for writes. */
static SYSCTL_NODE(_kern_proc, KERN_PROC_RLIMIT, rlimit, CTLFLAG_RW |
    CTLFLAG_ANYBODY | CTLFLAG_MPSAFE, sysctl_kern_proc_rlimit,
    "Process resource limits");

static SYSCTL_NODE(_kern_proc, KERN_PROC_PS_STRINGS, ps_strings, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_ps_strings,
    "Process ps_strings location");

static SYSCTL_NODE(_kern_proc, KERN_PROC_UMASK, umask, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_umask, "Process umask");

/* Writable by anybody at the sysctl layer; the handler demands PGET_CANDEBUG for writes. */
static SYSCTL_NODE(_kern_proc, KERN_PROC_OSREL, osrel, CTLFLAG_RW |
    CTLFLAG_ANYBODY | CTLFLAG_MPSAFE, sysctl_kern_proc_osrel,
    "Process binary osreldate");

static SYSCTL_NODE(_kern_proc, KERN_PROC_SIGTRAMP, sigtramp, CTLFLAG_RD |
    CTLFLAG_MPSAFE, sysctl_kern_proc_sigtramp,
    "Process signal trampoline location");

/* CTLFLAG_ANYBODY despite being read-only; the handler rejects any write with EINVAL. */
static SYSCTL_NODE(_kern_proc, KERN_PROC_SIGFASTBLK, sigfastblk, CTLFLAG_RD |
    CTLFLAG_ANYBODY | CTLFLAG_MPSAFE, sysctl_kern_proc_sigfastblk,
    "Thread sigfastblock address");
3351
/*
 * Serializes stop_all_proc()/resume_all_proc() cycles: acquired
 * (interruptibly) by stop_all_proc_block() and released by
 * stop_all_proc_unblock().
 */
static struct sx stop_all_proc_blocker;
SX_SYSINIT(stop_all_proc_blocker, &stop_all_proc_blocker, "sapblk");

/*
 * Take the stop_all_proc blocker exclusively, allowing the sleep to be
 * interrupted by a signal.
 *
 * Returns true when the lock was acquired, false when the wait was
 * interrupted (the caller must not proceed in that case).
 */
bool
stop_all_proc_block(void)
{
	int error;

	error = sx_xlock_sig(&stop_all_proc_blocker);
	return (error == 0);
}

/*
 * Release the stop_all_proc blocker taken by stop_all_proc_block().
 */
void
stop_all_proc_unblock(void)
{
	struct sx *blocker;

	blocker = &stop_all_proc_blocker;
	sx_xunlock(blocker);
}

/*
 * Generation counter for the allproc list.  stop_all_proc() snapshots it
 * under allproc_lock and restarts its scan when the value has changed
 * (the updater is not visible here; the scan's own comment attributes
 * changes to forked children).
 */
int allproc_gen;

/*
 * stop_all_proc() stops every process that has a user-mode part, except
 * the current process, for obvious reasons.  Only the calling process is
 * exempted, which makes the service somewhat unreliable when invoked from
 * a multithreaded process.  It must not be user-callable anyway.
 *
 * The scan uses curproc itself as a cursor in the allproc list: it is
 * unlinked and re-inserted after each visited process, so the position
 * survives dropping allproc_lock around thread_single().  Passes are
 * repeated (after yielding) until one neither stops anything nor skips an
 * exiting or singly-stopped process and the list generation is unchanged.
 * On return the blocker taken by stop_all_proc_block() is still held;
 * resume_all_proc() releases it.
 */
void
stop_all_proc(void)
{
	struct proc *cp, *p;
	int r, gen;
	bool restart, seen_stopped, seen_exiting, stopped_some;

	/* Serialize against other stop/resume cycles; give up if interrupted. */
	if (!stop_all_proc_block())
		return;

	cp = curproc;
allproc_loop:
	sx_xlock(&allproc_lock);
	/* Snapshot the list generation so changes during the scan are noticed. */
	gen = allproc_gen;
	seen_exiting = seen_stopped = stopped_some = restart = false;
	/* Move the cursor to the head: everything after it is still unvisited. */
	LIST_REMOVE(cp, p_list);
	LIST_INSERT_HEAD(&allproc, cp, p_list);
	for (;;) {
		p = LIST_NEXT(cp, p_list);
		if (p == NULL)
			break;
		/* Step the cursor past p before the lock may be dropped below. */
		LIST_REMOVE(cp, p_list);
		LIST_INSERT_AFTER(p, cp, p_list);
		PROC_LOCK(p);
		/* Kernel/system processes and already-stopped ones are left alone. */
		if ((p->p_flag & (P_KPROC | P_SYSTEM | P_TOTAL_STOP |
		    P_STOPPED_SIG)) != 0) {
			PROC_UNLOCK(p);
			continue;
		}
		/* An exiting process is not stopped; it is re-examined next pass. */
		if ((p->p_flag2 & P2_WEXIT) != 0) {
			seen_exiting = true;
			PROC_UNLOCK(p);
			continue;
		}
		if (P_SHOULDSTOP(p) == P_STOPPED_SINGLE) {
			/*
			 * Stopped processes are tolerated when there
			 * are no other processes which might continue
			 * them.  P_STOPPED_SINGLE but not
			 * P_TOTAL_STOP process still has at least one
			 * thread running.
			 */
			seen_stopped = true;
			PROC_UNLOCK(p);
			continue;
		}
		if ((p->p_flag & P_TRACED) != 0) {
			/*
			 * thread_single() below cannot stop traced p,
			 * so skip it.  OTOH, we cannot require
			 * restart because debugger might be either
			 * already stopped or traced as well.
			 */
			PROC_UNLOCK(p);
			continue;
		}
		/*
		 * allproc_lock is dropped around thread_single() (presumably
		 * because it can sleep); the hold keeps p alive meanwhile and
		 * the cursor keeps our place in the list.
		 */
		sx_xunlock(&allproc_lock);
		_PHOLD(p);
		r = thread_single(p, SINGLE_ALLPROC);
		/* Failure to stop p now means another pass is required. */
		if (r != 0)
			restart = true;
		else
			stopped_some = true;
		_PRELE(p);
		PROC_UNLOCK(p);
		sx_xlock(&allproc_lock);
	}
	/* Catch forked children we did not see in iteration. */
	if (gen != allproc_gen)
		restart = true;
	/* curproc stays linked in allproc, merely at a different position. */
	sx_xunlock(&allproc_lock);
	/*
	 * Rescan whenever this pass made progress or skipped something that
	 * may still need attention; stop only once a pass is a no-op.
	 */
	if (restart || stopped_some || seen_exiting || seen_stopped) {
		kern_yield(PRI_USER);
		goto allproc_loop;
	}
}

/*
 * Undo stop_all_proc(): end the SINGLE_ALLPROC single-threading of every
 * process still marked P_TOTAL_STOP, then release the stop_all_proc
 * blocker.  Uses the same cursor-in-allproc technique as stop_all_proc()
 * so that allproc_lock can be dropped around thread_single_end().
 */
void
resume_all_proc(void)
{
	struct proc *cp, *p;

	cp = curproc;
	sx_xlock(&allproc_lock);
again:
	/* Move the cursor to the head: everything after it is unvisited. */
	LIST_REMOVE(cp, p_list);
	LIST_INSERT_HEAD(&allproc, cp, p_list);
	for (;;) {
		p = LIST_NEXT(cp, p_list);
		if (p == NULL)
			break;
		/* Step the cursor past p before the lock may be dropped. */
		LIST_REMOVE(cp, p_list);
		LIST_INSERT_AFTER(p, cp, p_list);
		PROC_LOCK(p);
		if ((p->p_flag & P_TOTAL_STOP) != 0) {
			/* Hold p across the unlocked thread_single_end() call. */
			sx_xunlock(&allproc_lock);
			_PHOLD(p);
			thread_single_end(p, SINGLE_ALLPROC);
			_PRELE(p);
			PROC_UNLOCK(p);
			sx_xlock(&allproc_lock);
		} else {
			PROC_UNLOCK(p);
		}
	}
	/* Did the loop above miss any stopped process? */
	FOREACH_PROC_IN_SYSTEM(p) {
		/* No need for proc lock. */
		if ((p->p_flag & P_TOTAL_STOP) != 0)
			goto again;
	}
	sx_xunlock(&allproc_lock);

	/* Pairs with the stop_all_proc_block() taken in stop_all_proc(). */
	stop_all_proc_unblock();
}

/*
 * Debug-only harness for the stop/resume cycle, compiled in by defining
 * TOTAL_STOP_DEBUG.  ap_resume is the flag the debug sysctl handler spins
 * on; it is exposed as the sysctl's arg1 so it can be set externally.
 */
/* #define TOTAL_STOP_DEBUG 1 */
#ifdef TOTAL_STOP_DEBUG
volatile static int ap_resume;
#include <sys/mount.h>

/*
 * Handler for debug.stop_all_proc.  Writing a non-zero value stops all
 * processes and suspends the syncer, then busy-waits until ap_resume is
 * set non-zero, after which the syncer and the processes are resumed.
 * Reads, and writes of zero, do nothing beyond clearing ap_resume.
 *
 * Returns 0 on success or the error from sysctl_handle_int().
 */
static int
sysctl_debug_stop_all_proc(SYSCTL_HANDLER_ARGS)
{
	int arm, error;

	arm = 0;
	ap_resume = 0;
	error = sysctl_handle_int(oidp, &arm, 0, req);
	if (error != 0)
		return (error);
	/* A read request carries no new value; nothing to do. */
	if (req->newptr == NULL)
		return (0);
	if (arm == 0)
		return (0);

	stop_all_proc();
	syncer_suspend();
	/* Spin (debug-only) until someone sets ap_resume through the sysctl. */
	while (ap_resume == 0)
		continue;
	syncer_resume();
	resume_all_proc();
	return (0);
}

/*
 * debug.stop_all_proc: arg1 points at ap_resume (volatile stripped with
 * __DEVOLATILE) so the flag the handler spins on can be stored through.
 * No CTLFLAG_ANYBODY, so writes remain subject to the sysctl privilege
 * check.  Only present in TOTAL_STOP_DEBUG builds.
 */
SYSCTL_PROC(_debug, OID_AUTO, stop_all_proc, CTLTYPE_INT | CTLFLAG_RW |
    CTLFLAG_MPSAFE, __DEVOLATILE(int *, &ap_resume), 0,
    sysctl_debug_stop_all_proc, "I",
    "");
#endif